mcs/class/System.ServiceModel/System.ServiceModel/WSHttpBinding.cs

   1 //
   2 // WSHttpBinding.cs
   3 //
   4 // Author:
   5 //      Atsushi Enomoto <atsushi@ximian.com>
   6 //
   7 // Copyright (C) 2005-2006 Novell, Inc.  http://www.novell.com
   8 //
   9 // Permission is hereby granted, free of charge, to any person obtaining
  10 // a copy of this software and associated documentation files (the
  11 // "Software"), to deal in the Software without restriction, including
  12 // without limitation the rights to use, copy, modify, merge, publish,
  13 // distribute, sublicense, and/or sell copies of the Software, and to
  14 // permit persons to whom the Software is furnished to do so, subject to
  15 // the following conditions:
  16 //
  17 // The above copyright notice and this permission notice shall be
  18 // included in all copies or substantial portions of the Software.
  19 //
  20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  27 //
  28 using System;
  29 using System.Collections.Generic;
  30 using System.Net.Security;
  31 using System.ServiceModel.Channels;
  32 using System.ServiceModel.Description;
  33 using System.ServiceModel.Security;
  34 using System.ServiceModel.Security.Tokens;
  35
  36 namespace System.ServiceModel
  37 {
  38         public class WSHttpBinding : WSHttpBindingBase
  39         {
  40                 WSHttpSecurity security;
  41                 bool allow_cookies;
  42
  43                 public WSHttpBinding ()
  44                         : this (SecurityMode.Message)
  45                 {
  46                 }
  47
  48                 public WSHttpBinding (SecurityMode mode)
  49                         : this (mode, false)
  50                 {
  51                 }
  52
  53                 public WSHttpBinding (SecurityMode mode,
  54                         bool reliableSessionEnabled)
  55                         : base (reliableSessionEnabled)
  56                 {
  57                         security = new WSHttpSecurity (mode);
  58                 }
  59
  60                 [MonoTODO]
  61                 public WSHttpBinding (string configurationName)
  62                 {
  63                         throw new NotImplementedException ();
  64                 }
  65
  66                 [MonoTODO]
  67                 public bool AllowCookies {
  68                         get { return allow_cookies; }
  69                         set { allow_cookies = value; }
  70                 }
  71
  72                 [MonoTODO]
  73                 public WSHttpSecurity Security {
  74                         get { return security; }
  75                 }
  76
  77                 [MonoTODO]
  78                 public override BindingElementCollection CreateBindingElements ()
  79                 {
  80                         BindingElementCollection bc = base.CreateBindingElements ();
  81                         // message security element is returned only when
  82                         // it is enabled (while CreateMessageSecurity() still
  83                         // returns non-null instance).
  84                         switch (Security.Mode) {
  85                         case SecurityMode.None:
  86                         case SecurityMode.Transport:
  87                                 bc.RemoveAll<SecurityBindingElement> ();
  88                                 break;
  89                         }
  90                         return bc;
  91                 }
  92
  93                 [MonoTODO]
  94                 protected override SecurityBindingElement CreateMessageSecurity ()
  95                 {
  96                         if (Security.Mode == SecurityMode.Transport ||
  97                             Security.Mode == SecurityMode.None)
  98                                 return null;
  99
 100                         SymmetricSecurityBindingElement element =
 101                                 new SymmetricSecurityBindingElement ();
 102
 103                         element.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
 104                         element.RequireSignatureConfirmation = true;
 105
 106                         switch (Security.Message.ClientCredentialType) {
 107                         case MessageCredentialType.Certificate:
 108                                 X509SecurityTokenParameters p =
 109                                         new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint);
 110                                 p.RequireDerivedKeys = false;
 111                                 element.EndpointSupportingTokenParameters.Endorsing.Add (p);
 112                                 goto default;
 113                         case MessageCredentialType.IssuedToken:
 114                                 IssuedSecurityTokenParameters istp =
 115                                         new IssuedSecurityTokenParameters ();
 116                                 // FIXME: issuer binding must be secure.
 117                                 istp.IssuerBinding = new CustomBinding (
 118                                         new TextMessageEncodingBindingElement (),
 119                                         GetTransport ());
 120                                 element.EndpointSupportingTokenParameters.Endorsing.Add (istp);
 121                                 goto default;
 122                         case MessageCredentialType.UserName:
 123                                 element.EndpointSupportingTokenParameters.SignedEncrypted.Add (
 124                                         new UserNameSecurityTokenParameters ());
 125                                 element.RequireSignatureConfirmation = false;
 126                                 goto default;
 127                         case MessageCredentialType.Windows:
 128                                 if (Security.Message.NegotiateServiceCredential) {
 129                                         // No SSPI on Linux though...
 130                                         element.ProtectionTokenParameters =
 131                                                 // FIXME: fill proper parameters
 132                                                 new SspiSecurityTokenParameters ();
 133                                 } else {
 134                                         // and no Kerberos ...
 135                                         element.ProtectionTokenParameters =
 136                                                 new KerberosSecurityTokenParameters ();
 137                                 }
 138                                 break;
 139                         default: // including .None
 140                                 if (Security.Message.NegotiateServiceCredential) {
 141                                         element.ProtectionTokenParameters =
 142                                                 // FIXME: fill proper parameters
 143                                                 new SslSecurityTokenParameters (false, true);
 144                                 } else {
 145                                         element.ProtectionTokenParameters =
 146                                                 new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never);
 147                                         element.ProtectionTokenParameters.RequireDerivedKeys = true;
 148                                 }
 149                                 break;
 150                         }
 151
 152                         if (!Security.Message.EstablishSecurityContext)
 153                                 return element;
 154
 155                         // SecureConversation enabled
 156
 157                         ChannelProtectionRequirements reqs =
 158                                 new ChannelProtectionRequirements ();
 159                         // FIXME: fill the reqs
 160
 161                         return SecurityBindingElement.CreateSecureConversationBindingElement (
 162                                 // FIXME: requireCancellation
 163                                 element, true, reqs);
 164                 }
 165
 166                 [MonoTODO]
 167                 protected override TransportBindingElement GetTransport ()
 168                 {
 169                         switch (Security.Mode) {
 170                         case SecurityMode.Transport:
 171                         case SecurityMode.TransportWithMessageCredential:
 172                                 return new HttpsTransportBindingElement ();
 173                         default:
 174                                 return new HttpTransportBindingElement ();
 175                         }
 176                 }
 177         }
 178 }