1 // 2 // ServiceCredentialsElement.cs 3 // 4 // Author: 5 // Atsushi Enomoto <atsushi@ximian.com> 6 // 7 // Copyright (C) 2006 Novell, Inc. http://www.novell.com 8 // 9 // Permission is hereby granted, free of charge, to any person obtaining 10 // a copy of this software and associated documentation files (the 11 // "Software"), to deal in the Software without restriction, including 12 // without limitation the rights to use, copy, modify, merge, publish, 13 // distribute, sublicense, and/or sell copies of the Software, and to 14 // permit persons to whom the Software is furnished to do so, subject to 15 // the following conditions: 16 // 17 // The above copyright notice and this permission notice shall be 18 // included in all copies or substantial portions of the Software. 19 // 20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
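//

using System;
using System.Collections;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.ComponentModel;
using System.Configuration;
using System.Net;
using System.Net.Security;
using System.Reflection;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Diagnostics;
using System.ServiceModel.Dispatcher;
using System.ServiceModel.MsmqIntegration;
using System.ServiceModel.PeerResolvers;
using System.ServiceModel.Security;
using System.Runtime.Serialization;
using System.Text;
using System.Web.Security;
using System.Xml;

namespace System.ServiceModel.Configuration
{
	// Configuration element for the <serviceCredentials> behavior. It
	// exposes one child element per credential kind and, in
	// ApplyConfiguration, copies those settings onto a ServiceCredentials
	// instance. Values that are empty in the configuration (no type name,
	// no certificate find value) are skipped so that the defaults of the
	// target ServiceCredentials survive.
	public class ServiceCredentialsElement : BehaviorExtensionElement
	{
		public ServiceCredentialsElement ()
		{
		}

		// Properties

		public override Type BehaviorType {
			get { return typeof (ServiceCredentials); }
		}

		[ConfigurationProperty ("clientCertificate",
			Options = ConfigurationPropertyOptions.None)]
		public X509InitiatorCertificateServiceElement ClientCertificate {
			get { return (X509InitiatorCertificateServiceElement) base ["clientCertificate"]; }
		}

		[ConfigurationProperty ("issuedTokenAuthentication",
			Options = ConfigurationPropertyOptions.None)]
		public IssuedTokenServiceElement IssuedTokenAuthentication {
			get { return (IssuedTokenServiceElement) base ["issuedTokenAuthentication"]; }
		}

		[ConfigurationProperty ("peer",
			Options = ConfigurationPropertyOptions.None)]
		public PeerCredentialElement Peer {
			get { return (PeerCredentialElement) base ["peer"]; }
		}

		protected override ConfigurationPropertyCollection Properties {
			get { return base.Properties; }
		}

		[ConfigurationProperty ("secureConversationAuthentication",
			Options = ConfigurationPropertyOptions.None)]
		public SecureConversationServiceElement SecureConversationAuthentication {
			get { return (SecureConversationServiceElement) base ["secureConversationAuthentication"]; }
		}

		[ConfigurationProperty ("serviceCertificate",
			Options = ConfigurationPropertyOptions.None)]
		public X509RecipientCertificateServiceElement ServiceCertificate {
			get { return (X509RecipientCertificateServiceElement) base ["serviceCertificate"]; }
		}

		// Note: this property hides System.Type inside the class, which is
		// why CreateInstance below spells out System.Type.GetType.
		[StringValidator (MinLength = 0,
			MaxLength = int.MaxValue,
			InvalidCharacters = null)]
		[ConfigurationProperty ("type",
			Options = ConfigurationPropertyOptions.None,
			DefaultValue = "")]
		public string Type {
			get { return (string) base ["type"]; }
			set { base ["type"] = value; }
		}

		[ConfigurationProperty ("userNameAuthentication",
			Options = ConfigurationPropertyOptions.None)]
		public UserNameServiceElement UserNameAuthentication {
			get { return (UserNameServiceElement) base ["userNameAuthentication"]; }
		}

		[ConfigurationProperty ("windowsAuthentication",
			Options = ConfigurationPropertyOptions.None)]
		public WindowsServiceElement WindowsAuthentication {
			get { return (WindowsServiceElement) base ["windowsAuthentication"]; }
		}

		// Creates a new ServiceCredentials and fills it from this element.
		protected internal override object CreateBehavior ()
		{
			var credentials = new ServiceCredentials ();
			ApplyConfiguration (credentials);
			return credentials;
		}

		// Copies every configured credential setting onto `behavior`.
		// Throws ArgumentNullException when `behavior` is null.
		// Each child element is handled by its own helper below; the
		// <clientCertificate> element is applied too, so that a
		// certificateValidationMode configured there takes effect instead of
		// being silently ignored.
		protected internal void ApplyConfiguration (ServiceCredentials behavior)
		{
			if (behavior == null)
				throw new ArgumentNullException ("behavior");

			ApplyClientCertificate (behavior.ClientCertificate);
			ApplyIssuedTokenAuthentication (behavior.IssuedTokenAuthentication);
			ApplyPeer (behavior.Peer);
			ApplySecureConversationAuthentication (behavior.SecureConversationAuthentication);
			ApplyServiceCertificate (behavior.ServiceCertificate);
			ApplyUserNameAuthentication (behavior.UserNameAuthentication);
			ApplyWindowsAuthentication (behavior.WindowsAuthentication);
		}

		// <clientCertificate>: certificate lookup plus the client
		// certificate validation settings.
		void ApplyClientCertificate (X509CertificateInitiatorServiceCredential target)
		{
			X509InitiatorCertificateServiceElement element = ClientCertificate;

			if (!String.IsNullOrEmpty (element.Certificate.FindValue))
				target.SetCertificate (element.Certificate.StoreLocation, element.Certificate.StoreName, element.Certificate.X509FindType, element.Certificate.FindValue);

			X509ClientCertificateAuthenticationElement auth = element.Authentication;
			if (!String.IsNullOrEmpty (auth.CustomCertificateValidatorType))
				target.Authentication.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (auth.CustomCertificateValidatorType);
			target.Authentication.CertificateValidationMode = auth.CertificateValidationMode;
			target.Authentication.RevocationMode = auth.RevocationMode;
			target.Authentication.TrustedStoreLocation = auth.TrustedStoreLocation;
			target.Authentication.IncludeWindowsGroups = auth.IncludeWindowsGroups;
			target.Authentication.MapClientCertificateToWindowsAccount = auth.MapClientCertificateToWindowsAccount;
		}

		// <issuedTokenAuthentication>: audience URIs, issuer certificate
		// validation and the known issuer certificates.
		void ApplyIssuedTokenAuthentication (IssuedTokenServiceCredential target)
		{
			IssuedTokenServiceElement element = IssuedTokenAuthentication;

			foreach (AllowedAudienceUriElement ae in element.AllowedAudienceUris)
				target.AllowedAudienceUris.Add (ae.AllowedAudienceUri);
			target.AllowUntrustedRsaIssuers = element.AllowUntrustedRsaIssuers;
			target.AudienceUriMode = element.AudienceUriMode;

			if (!String.IsNullOrEmpty (element.CustomCertificateValidatorType))
				target.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (element.CustomCertificateValidatorType);
			target.CertificateValidationMode = element.CertificateValidationMode;
			target.RevocationMode = element.RevocationMode;
			target.TrustedStoreLocation = element.TrustedStoreLocation;
			foreach (X509CertificateTrustedIssuerElement ce in element.KnownCertificates)
				target.KnownCertificates.Add (GetCertificate (ce.StoreLocation, ce.StoreName, ce.X509FindType, ce.FindValue));

			// An empty type name keeps the credential's own serializer
			// instead of clearing it.
			if (!String.IsNullOrEmpty (element.SamlSerializerType))
				target.SamlSerializer = (SamlSerializer) CreateInstance (element.SamlSerializerType);
		}

		// <peer>: peer certificate plus the two peer validation settings.
		void ApplyPeer (PeerCredential target)
		{
			PeerCredentialElement element = Peer;

			if (!String.IsNullOrEmpty (element.Certificate.FindValue))
				target.SetCertificate (element.Certificate.StoreLocation, element.Certificate.StoreName, element.Certificate.X509FindType, element.Certificate.FindValue);
			// MeshPassword is not part of the configuration element and so
			// cannot be filled in here.
			ApplyPeerCertificateAuthentication (element.MessageSenderAuthentication, target.MessageSenderAuthentication);
			ApplyPeerCertificateAuthentication (element.PeerAuthentication, target.PeerAuthentication);
		}

		// Shared by messageSenderAuthentication and peerAuthentication,
		// which carry the same four settings.
		void ApplyPeerCertificateAuthentication (X509PeerCertificateAuthenticationElement element, X509PeerCertificateAuthentication target)
		{
			if (!String.IsNullOrEmpty (element.CustomCertificateValidatorType))
				target.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (element.CustomCertificateValidatorType);
			target.CertificateValidationMode = element.CertificateValidationMode;
			target.RevocationMode = element.RevocationMode;
			target.TrustedStoreLocation = element.TrustedStoreLocation;
		}

		// <secureConversationAuthentication>: only the state encoder type.
		void ApplySecureConversationAuthentication (SecureConversationServiceCredential target)
		{
			string encoderType = SecureConversationAuthentication.SecurityStateEncoderType;
			if (!String.IsNullOrEmpty (encoderType))
				target.SecurityStateEncoder = (SecurityStateEncoder) CreateInstance (encoderType);
		}

		// <serviceCertificate>: certificate lookup only.
		void ApplyServiceCertificate (X509CertificateRecipientServiceCredential target)
		{
			X509RecipientCertificateServiceElement element = ServiceCertificate;
			if (!String.IsNullOrEmpty (element.FindValue))
				target.SetCertificate (element.StoreLocation, element.StoreName, element.X509FindType, element.FindValue);
		}

		// <userNameAuthentication>: validation mode, custom validator,
		// membership provider and logon-token caching.
		void ApplyUserNameAuthentication (UserNamePasswordServiceCredential target)
		{
			UserNameServiceElement element = UserNameAuthentication;

			target.CachedLogonTokenLifetime = element.CachedLogonTokenLifetime;
			target.CacheLogonTokens = element.CacheLogonTokens;
			if (!String.IsNullOrEmpty (element.CustomUserNamePasswordValidatorType))
				target.CustomUserNamePasswordValidator = (UserNamePasswordValidator) CreateInstance (element.CustomUserNamePasswordValidatorType);
			target.IncludeWindowsGroups = element.IncludeWindowsGroups;
			target.MaxCachedLogonTokens = element.MaxCachedLogonTokens;
			if (!String.IsNullOrEmpty (element.MembershipProviderName))
				target.MembershipProvider = GetMembershipProvider (element.MembershipProviderName);
			target.UserNamePasswordValidationMode = element.UserNamePasswordValidationMode;
		}

		// membershipProviderName names a provider registered in the
		// <membership> section, so it is looked up there rather than treated
		// as a type name: Activator.CreateInstance only runs the constructor
		// and would hand back a provider that was never initialized from
		// configuration. When no provider of that name is registered, fall
		// back to the previous interpretation (a type name) for
		// compatibility with existing configuration files.
		MembershipProvider GetMembershipProvider (string name)
		{
			MembershipProvider provider = Membership.Providers [name];
			if (provider != null)
				return provider;
			return (MembershipProvider) CreateInstance (name);
		}

		// <windowsAuthentication>: the two boolean switches.
		void ApplyWindowsAuthentication (WindowsServiceCredential target)
		{
			target.AllowAnonymousLogons = WindowsAuthentication.AllowAnonymousLogons;
			target.IncludeWindowsGroups = WindowsAuthentication.IncludeWindowsGroups;
		}

		// Looks the certificate up in the given store; delegates to the
		// project-wide ConfigUtil helper.
		X509Certificate2 GetCertificate (StoreLocation storeLocation, StoreName storeName, X509FindType findType, object findValue)
		{
			return ConfigUtil.CreateCertificateFrom (storeLocation, storeName, findType, findValue);
		}

		// Resolves `typeName` and instantiates it through its public
		// parameterless constructor; an empty or null name yields null.
		// Type.GetType (name, true) throws TypeLoadException when the type
		// cannot be found and Activator.CreateInstance throws
		// MissingMethodException when there is no parameterless constructor.
		// The type name comes straight from the service configuration, so
		// whoever can edit that file decides which type gets loaded into the
		// host; the configuration is part of the host's trust boundary.
		object CreateInstance (string typeName)
		{
			if (String.IsNullOrEmpty (typeName))
				return null;
			// System.Type is spelled out because the Type property above
			// hides the type name inside this class.
			return Activator.CreateInstance (System.Type.GetType (typeName, true));
		}
	}

}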