//
// WSHttpBinding.cs
//
// Author:
//	Atsushi Enomoto <atsushi@ximian.com>
//
// Copyright (C) 2005-2006 Novell, Inc.  http://www.novell.com
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Collections.Generic;
using System.Net.Security;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;

namespace System.ServiceModel
{
	// HTTP/HTTPS binding whose transport and message-level protection
	// are both selected from Security.Mode. Most members are still
	// marked [MonoTODO]; the FIXME notes below mark the places where
	// the security configuration is known to be incomplete.
	public class WSHttpBinding : WSHttpBindingBase
	{
		bool allow_cookies;
		WSHttpSecurity security;

		// Defaults to SecurityMode.Message.
		public WSHttpBinding ()
			: this (SecurityMode.Message)
		{
		}

		// Given security mode, reliableSessionEnabled = false.
		public WSHttpBinding (SecurityMode securityMode)
			: this (securityMode, false)
		{
		}

		// The only constructor that actually creates the
		// WSHttpSecurity instance exposed through Security.
		public WSHttpBinding (SecurityMode securityMode,
			bool reliableSessionEnabled)
			: base (reliableSessionEnabled)
		{
			security = new WSHttpSecurity (securityMode);
		}

		// Configuration-based construction is not implemented.
		[MonoTODO]
		public WSHttpBinding (string configName)
		{
			throw new NotImplementedException ();
		}

		// Stored on the binding only: nothing in this class passes
		// the value on to the transport element that GetTransport ()
		// creates.
		[MonoTODO]
		public bool AllowCookies {
			get { return allow_cookies; }
			set { allow_cookies = value; }
		}

		// Security settings chosen at construction time (read-only
		// reference; the object itself is whatever WSHttpSecurity
		// allows to be changed).
		[MonoTODO]
		public WSHttpSecurity Security {
			get { return security; }
		}

		// Returns the base class' element collection, minus any
		// SecurityBindingElement when the mode is None or Transport.
		[MonoTODO]
		public override BindingElementCollection CreateBindingElements ()
		{
			BindingElementCollection elements = base.CreateBindingElements ();

			// Original note: the message security element is
			// returned only when it is enabled (while
			// CreateMessageSecurity() still returns a non-null
			// instance). The override in this class returns null
			// for both modes; whether the base class can still
			// add one is not visible from here.
			SecurityMode mode = Security.Mode;
			if (mode == SecurityMode.None || mode == SecurityMode.Transport)
				elements.RemoveAll<SecurityBindingElement> ();

			return elements;
		}

		// Builds the message security element for the Message and
		// TransportWithMessageCredential modes; returns null for
		// None and Transport, i.e. no message-level protection.
		[MonoTODO]
		protected override SecurityBindingElement CreateMessageSecurity ()
		{
			switch (Security.Mode) {
			case SecurityMode.None:
			case SecurityMode.Transport:
				return null;
			}

			SymmetricSecurityBindingElement element =
				new SymmetricSecurityBindingElement ();
			element.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
			// On by default; switched off again below for UserName.
			element.RequireSignatureConfirmation = true;

			MessageCredentialType credential =
				Security.Message.ClientCredentialType;

			if (credential == MessageCredentialType.Windows) {
				// Windows credentials choose their own protection
				// token and skip the SSL/X509 selection below.
				if (Security.Message.NegotiateServiceCredential) {
					// No SSPI on Linux though...
					// FIXME: fill proper parameters
					element.ProtectionTokenParameters =
						new SspiSecurityTokenParameters ();
				} else {
					// and no Kerberos ...
					element.ProtectionTokenParameters =
						new KerberosSecurityTokenParameters ();
				}
			} else {
				// Step 1: client supporting token, if the credential
				// type calls for one (none is added for .None).
				if (credential == MessageCredentialType.Certificate) {
					X509SecurityTokenParameters clientCert =
						new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint);
					clientCert.RequireDerivedKeys = false;
					element.EndpointSupportingTokenParameters.Endorsing.Add (clientCert);
				} else if (credential == MessageCredentialType.IssuedToken) {
					IssuedSecurityTokenParameters issued =
						new IssuedSecurityTokenParameters ();
					// FIXME: issuer binding must be secure.
					// As written it is only a text encoder plus
					// GetTransport (), with no security element,
					// and GetTransport () yields plain HTTP when
					// the mode is Message. The token request to
					// the issuer is therefore unprotected in that
					// mode.
					issued.IssuerBinding = new CustomBinding (
						new TextMessageEncodingBindingElement (),
						GetTransport ());
					element.EndpointSupportingTokenParameters.Endorsing.Add (issued);
				} else if (credential == MessageCredentialType.UserName) {
					// The user name token goes in as a signed and
					// encrypted supporting token.
					element.EndpointSupportingTokenParameters.SignedEncrypted.Add (
						new UserNameSecurityTokenParameters ());
					element.RequireSignatureConfirmation = false;
				}

				// Step 2: service protection token, shared by every
				// non-Windows credential type (including .None).
				if (Security.Message.NegotiateServiceCredential) {
					// FIXME: fill proper parameters
					// NOTE(review): in the .NET API the first
					// argument is requireClientCertificate; it is
					// false here even for the Certificate
					// credential type - confirm that is intended.
					element.ProtectionTokenParameters =
						new SslSecurityTokenParameters (false, true);
				} else {
					// Service certificate referenced by thumbprint
					// and never included in the message.
					X509SecurityTokenParameters serviceCert =
						new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never);
					element.ProtectionTokenParameters = serviceCert;
					serviceCert.RequireDerivedKeys = true;
				}
			}

			if (Security.Message.EstablishSecurityContext) {
				// SecureConversation enabled: the element built
				// above becomes the bootstrap of the returned one.

				// FIXME: fill the reqs
				// The requirements object is passed as constructed,
				// with nothing added to it.
				ChannelProtectionRequirements reqs =
					new ChannelProtectionRequirements ();

				return SecurityBindingElement.CreateSecureConversationBindingElement (
					// FIXME: requireCancellation
					element, true, reqs);
			}

			return element;
		}

		// HTTPS for Transport and TransportWithMessageCredential,
		// plain HTTP for every other mode. Combined with
		// CreateBindingElements (), SecurityMode.None therefore means
		// cleartext HTTP with no message security element.
		[MonoTODO]
		protected override TransportBindingElement GetTransport ()
		{
			SecurityMode mode = Security.Mode;
			if (mode == SecurityMode.Transport ||
			    mode == SecurityMode.TransportWithMessageCredential)
				return new HttpsTransportBindingElement ();

			return new HttpTransportBindingElement ();
		}
	}
}