2 // ServiceCredentialsElement.cs
5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2006 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using System.Collections;
31 using System.Collections.Generic;
32 using System.Collections.ObjectModel;
33 using System.ComponentModel;
34 using System.Configuration;
36 using System.Net.Security;
37 using System.Reflection;
38 using System.Security.Cryptography.X509Certificates;
39 using System.Security.Principal;
40 using System.IdentityModel.Claims;
41 using System.IdentityModel.Policy;
42 using System.IdentityModel.Selectors;
43 using System.IdentityModel.Tokens;
44 using System.ServiceModel;
45 using System.ServiceModel.Channels;
46 using System.ServiceModel.Description;
47 using System.ServiceModel.Diagnostics;
48 using System.ServiceModel.Dispatcher;
49 using System.ServiceModel.MsmqIntegration;
50 using System.ServiceModel.PeerResolvers;
51 using System.ServiceModel.Security;
52 using System.Runtime.Serialization;
54 using System.Web.Security;
57 namespace System.ServiceModel.Configuration
59 public class ServiceCredentialsElement : BehaviorExtensionElement
61 public ServiceCredentialsElement () {
67 public override Type BehaviorType {
68 get { return typeof (ServiceCredentials); }
71 [ConfigurationProperty ("clientCertificate",
72 Options = ConfigurationPropertyOptions.None)]
73 public X509InitiatorCertificateServiceElement ClientCertificate {
74 get { return (X509InitiatorCertificateServiceElement) base ["clientCertificate"]; }
77 [ConfigurationProperty ("issuedTokenAuthentication",
78 Options = ConfigurationPropertyOptions.None)]
79 public IssuedTokenServiceElement IssuedTokenAuthentication {
80 get { return (IssuedTokenServiceElement) base ["issuedTokenAuthentication"]; }
83 [ConfigurationProperty ("peer",
84 Options = ConfigurationPropertyOptions.None)]
85 public PeerCredentialElement Peer {
86 get { return (PeerCredentialElement) base ["peer"]; }
89 protected override ConfigurationPropertyCollection Properties {
90 get { return base.Properties; }
93 [ConfigurationProperty ("secureConversationAuthentication",
94 Options = ConfigurationPropertyOptions.None)]
95 public SecureConversationServiceElement SecureConversationAuthentication {
96 get { return (SecureConversationServiceElement) base ["secureConversationAuthentication"]; }
99 [ConfigurationProperty ("serviceCertificate",
100 Options = ConfigurationPropertyOptions.None)]
101 public X509RecipientCertificateServiceElement ServiceCertificate {
102 get { return (X509RecipientCertificateServiceElement) base ["serviceCertificate"]; }
105 [StringValidator (MinLength = 0,
106 MaxLength = int.MaxValue,
107 InvalidCharacters = null)]
108 [ConfigurationProperty ("type",
109 Options = ConfigurationPropertyOptions.None,
112 get { return (string) base ["type"]; }
113 set { base ["type"] = value; }
116 [ConfigurationProperty ("userNameAuthentication",
117 Options = ConfigurationPropertyOptions.None)]
118 public UserNameServiceElement UserNameAuthentication {
119 get { return (UserNameServiceElement) base ["userNameAuthentication"]; }
122 [ConfigurationProperty ("windowsAuthentication",
123 Options = ConfigurationPropertyOptions.None)]
124 public WindowsServiceElement WindowsAuthentication {
125 get { return (WindowsServiceElement) base ["windowsAuthentication"]; }
128 protected internal override object CreateBehavior ()
130 var sb = new ServiceCredentials ();
131 ApplyConfiguration (sb);
135 protected internal void ApplyConfiguration (ServiceCredentials sb)
138 foreach (AllowedAudienceUriElement ae in IssuedTokenAuthentication.AllowedAudienceUris)
139 sb.IssuedTokenAuthentication.AllowedAudienceUris.Add (ae.AllowedAudienceUri);
140 sb.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = IssuedTokenAuthentication.AllowUntrustedRsaIssuers;
141 sb.IssuedTokenAuthentication.AudienceUriMode = IssuedTokenAuthentication.AudienceUriMode;
143 if (!String.IsNullOrEmpty (IssuedTokenAuthentication.CustomCertificateValidatorType))
144 sb.IssuedTokenAuthentication.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (IssuedTokenAuthentication.CustomCertificateValidatorType);
145 sb.IssuedTokenAuthentication.CertificateValidationMode = IssuedTokenAuthentication.CertificateValidationMode;
146 sb.IssuedTokenAuthentication.RevocationMode = IssuedTokenAuthentication.RevocationMode;
147 sb.IssuedTokenAuthentication.TrustedStoreLocation = IssuedTokenAuthentication.TrustedStoreLocation;
148 foreach (X509CertificateTrustedIssuerElement ce in IssuedTokenAuthentication.KnownCertificates)
149 sb.IssuedTokenAuthentication.KnownCertificates.Add (GetCertificate (ce.StoreLocation, ce.StoreName, ce.X509FindType, ce.FindValue));
151 sb.IssuedTokenAuthentication.SamlSerializer = (SamlSerializer) CreateInstance (IssuedTokenAuthentication.SamlSerializerType);
155 if (!String.IsNullOrEmpty (Peer.Certificate.FindValue))
156 sb.Peer.SetCertificate (Peer.Certificate.StoreLocation, Peer.Certificate.StoreName, Peer.Certificate.X509FindType, Peer.Certificate.FindValue);
157 // sb.Peer.MeshPassword = /* cannot fill it here */
158 sb.Peer.MessageSenderAuthentication.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (Peer.MessageSenderAuthentication.CustomCertificateValidatorType);
159 sb.Peer.MessageSenderAuthentication.CertificateValidationMode = Peer.MessageSenderAuthentication.CertificateValidationMode;
160 sb.Peer.MessageSenderAuthentication.RevocationMode = Peer.MessageSenderAuthentication.RevocationMode;
161 sb.Peer.MessageSenderAuthentication.TrustedStoreLocation = Peer.MessageSenderAuthentication.TrustedStoreLocation;
162 sb.Peer.PeerAuthentication.CustomCertificateValidator = (X509CertificateValidator) CreateInstance (Peer.PeerAuthentication.CustomCertificateValidatorType);
163 sb.Peer.PeerAuthentication.CertificateValidationMode = Peer.PeerAuthentication.CertificateValidationMode;
164 sb.Peer.PeerAuthentication.RevocationMode = Peer.PeerAuthentication.RevocationMode;
165 sb.Peer.PeerAuthentication.TrustedStoreLocation = Peer.PeerAuthentication.TrustedStoreLocation;
168 sb.SecureConversationAuthentication.SecurityStateEncoder = (SecurityStateEncoder) CreateInstance (SecureConversationAuthentication.SecurityStateEncoderType);
171 if (!String.IsNullOrEmpty (ServiceCertificate.FindValue))
172 sb.ServiceCertificate.SetCertificate (ServiceCertificate.StoreLocation, ServiceCertificate.StoreName, ServiceCertificate.X509FindType, ServiceCertificate.FindValue);
175 sb.UserNameAuthentication.CachedLogonTokenLifetime = UserNameAuthentication.CachedLogonTokenLifetime;
176 sb.UserNameAuthentication.CacheLogonTokens = UserNameAuthentication.CacheLogonTokens;
177 sb.UserNameAuthentication.CustomUserNamePasswordValidator = (UserNamePasswordValidator) CreateInstance (UserNameAuthentication.CustomUserNamePasswordValidatorType);
178 sb.UserNameAuthentication.IncludeWindowsGroups = UserNameAuthentication.IncludeWindowsGroups;
179 sb.UserNameAuthentication.MaxCachedLogonTokens = UserNameAuthentication.MaxCachedLogonTokens;
180 sb.UserNameAuthentication.MembershipProvider = (MembershipProvider) CreateInstance (UserNameAuthentication.MembershipProviderName);
181 sb.UserNameAuthentication.UserNamePasswordValidationMode = UserNameAuthentication.UserNamePasswordValidationMode;
184 sb.WindowsAuthentication.AllowAnonymousLogons = WindowsAuthentication.AllowAnonymousLogons;
185 sb.WindowsAuthentication.IncludeWindowsGroups = WindowsAuthentication.IncludeWindowsGroups;
188 X509Certificate2 GetCertificate (StoreLocation storeLocation, StoreName storeName, X509FindType findType, object findValue)
190 return ConfigUtil.CreateCertificateFrom (storeLocation, storeName, findType, findValue);
193 object CreateInstance (string typeName)
195 return String.IsNullOrEmpty (typeName) ? null : Activator.CreateInstance (System.Type.GetType (typeName, true));