//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
    using System.IdentityModel.Claims;
    using System.ServiceModel;
    using System.IdentityModel.Policy;
    using System.IdentityModel.Tokens;
    using System.Collections.Generic;
    using System.Collections.ObjectModel;
    using System.Security.Principal;
    using System.Net;

    /// <summary>
    /// Security token that carries the settings and the credential used for an
    /// SSPI-based exchange. The token holds no key material of its own
    /// (<see cref="SecurityKeys"/> is always empty); its security-relevant state
    /// is the stored <see cref="NetworkCredential"/> plus the policy flags
    /// exposed through the read-only properties below.
    /// </summary>
    /// <remarks>
    /// Each public constructor sets only a subset of the fields; the remaining
    /// ones keep their default values (for <see cref="AllowUnauthenticatedCallers"/>
    /// that default is SspiSecurityTokenProvider.DefaultAllowUnauthenticatedCallers).
    /// </remarks>
    public class SspiSecurityToken : SecurityToken
    {
        // Validity window length applied by both constructors, in hours.
        const double DefaultLifetimeInHours = 10;

        // Created on first read of Id; see the Id property.
        string id;

        readonly TokenImpersonationLevel impersonationLevel;
        readonly bool allowNtlm;
        readonly NetworkCredential networkCredential;
        readonly bool extractGroupsForWindowsAccounts;
        readonly bool allowUnauthenticatedCallers = SspiSecurityTokenProvider.DefaultAllowUnauthenticatedCallers;
        readonly DateTime effectiveTime;
        readonly DateTime expirationTime;

        /// <summary>
        /// Creates a token from an impersonation level, the NTLM switch and a credential.
        /// </summary>
        /// <param name="impersonationLevel">Value returned by <see cref="ImpersonationLevel"/>.</param>
        /// <param name="allowNtlm">Value returned by <see cref="AllowNtlm"/>.</param>
        /// <param name="networkCredential">
        /// Credential handed to SecurityUtils.GetNetworkCredentialsCopy; the token keeps
        /// the result of that call, not the caller's reference.
        /// </param>
        // NOTE(review): presumably the initiator-side constructor (impersonation and
        // NTLM are initiator choices) - confirm against SspiSecurityTokenProvider.
        public SspiSecurityToken(TokenImpersonationLevel impersonationLevel, bool allowNtlm, NetworkCredential networkCredential)
        {
            DateTime createdAtUtc = DateTime.UtcNow;

            this.effectiveTime = createdAtUtc;
            this.expirationTime = createdAtUtc.AddHours(DefaultLifetimeInHours);
            this.impersonationLevel = impersonationLevel;
            this.allowNtlm = allowNtlm;
            // Null handling is decided inside the helper, which is not visible here.
            this.networkCredential = SecurityUtils.GetNetworkCredentialsCopy(networkCredential);
        }

        /// <summary>
        /// Creates a token from a credential and the two caller-handling flags.
        /// </summary>
        /// <param name="networkCredential">
        /// Credential handed to SecurityUtils.GetNetworkCredentialsCopy; the token keeps
        /// the result of that call, not the caller's reference.
        /// </param>
        /// <param name="extractGroupsForWindowsAccounts">Value returned by <see cref="ExtractGroupsForWindowsAccounts"/>.</param>
        /// <param name="allowUnauthenticatedCallers">
        /// Value returned by <see cref="AllowUnauthenticatedCallers"/>; replaces the
        /// provider default assigned by the field initializer.
        /// </param>
        // NOTE(review): presumably the acceptor-side constructor - confirm against
        // SspiSecurityTokenProvider. ImpersonationLevel and AllowNtlm stay at their
        // type defaults on tokens built this way.
        public SspiSecurityToken(NetworkCredential networkCredential, bool extractGroupsForWindowsAccounts, bool allowUnauthenticatedCallers)
        {
            DateTime createdAtUtc = DateTime.UtcNow;

            this.effectiveTime = createdAtUtc;
            this.expirationTime = createdAtUtc.AddHours(DefaultLifetimeInHours);
            this.extractGroupsForWindowsAccounts = extractGroupsForWindowsAccounts;
            this.allowUnauthenticatedCallers = allowUnauthenticatedCallers;
            this.networkCredential = SecurityUtils.GetNetworkCredentialsCopy(networkCredential);
        }

        /// <summary>
        /// Identifier of this token, generated through SecurityUniqueId on first read
        /// and cached afterwards.
        /// </summary>
        // The lazy initialization takes no lock, so concurrent first reads may race.
        public override string Id
        {
            get { return this.id ?? (this.id = SecurityUniqueId.Create().Value); }
        }

        /// <summary>UTC instant captured when the token was constructed.</summary>
        public override DateTime ValidFrom
        {
            get { return this.effectiveTime; }
        }

        /// <summary><see cref="ValidFrom"/> plus ten hours.</summary>
        public override DateTime ValidTo
        {
            get { return this.expirationTime; }
        }

        /// <summary>
        /// Flag supplied to the credential/flags constructor, otherwise the provider default.
        /// </summary>
        // NOTE(review): by its name this gates acceptance of callers that did not
        // authenticate; the enforcement point is not in this file - verify where it is read.
        public bool AllowUnauthenticatedCallers
        {
            get { return this.allowUnauthenticatedCallers; }
        }

        /// <summary>Impersonation level supplied to the first constructor.</summary>
        public TokenImpersonationLevel ImpersonationLevel
        {
            get { return this.impersonationLevel; }
        }

        /// <summary>NTLM switch supplied to the first constructor; false otherwise.</summary>
        public bool AllowNtlm
        {
            get { return this.allowNtlm; }
        }

        /// <summary>
        /// Credential stored by the constructor. The getter hands out the stored
        /// instance itself rather than a fresh copy, so every reader shares the
        /// same object; keep it out of logs and diagnostics.
        /// </summary>
        public NetworkCredential NetworkCredential
        {
            get { return this.networkCredential; }
        }

        /// <summary>Flag supplied to the credential/flags constructor; false otherwise.</summary>
        public bool ExtractGroupsForWindowsAccounts
        {
            get { return this.extractGroupsForWindowsAccounts; }
        }

        /// <summary>Always the shared empty collection: this token exposes no keys.</summary>
        public override ReadOnlyCollection<SecurityKey> SecurityKeys
        {
            get { return EmptyReadOnlyCollection<SecurityKey>.Instance; }
        }
    }
}