Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" mustUnderstand="1">
- <Timestamp Id="_0">
- <Created>
- 2013-04-05T16:35:07.341Z</Created>
- <Expires>2013-04-05T16:40:07.341Z</Expires>
- </Timestamp>
- <o:UsernameToken Id="uuid-ac5ffd20-8137-4524-8ea9-3f4f55c0274c-12">
- <o:Username>someusername</o:Username>
- <o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">somepassword
- </o:Password>
- </o:UsernameToken>
- </o:Security>
- using System;
- using System.Collections.Generic;
- using System.IO;
- using System.Text;
- using System.ServiceModel.Dispatcher;
- using System.ServiceModel.Channels;
- using System.ServiceModel;
- using System.Xml;
- namespace your_namespace
- {
- /// <summary>
- /// /************************************
- /// *
- /// * Creating Message inspector for
- /// * updating all outgoing messages with Caller identifier header
- /// * read http://msdn.microsoft.com/en-us/magazine/cc163302.aspx
- /// * for more details
- /// *
- /// *********************/
- /// </summary>
- public class CredentialsMessageInspector : IDispatchMessageInspector,
- IClientMessageInspector
- {
- public object AfterReceiveRequest(ref Message request,
- IClientChannel channel,
- InstanceContext instanceContext)
- {
- return null;
- }
- public void BeforeSendReply(ref Message reply, object
- correlationState)
- {
- #if DEBUG
- //// Leave empty
- //MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);
- //Message message = buffer.CreateMessage();
- ////Assign a copy to the ref received
- //reply = buffer.CreateMessage();
- //StringWriter stringWriter = new StringWriter();
- //XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter);
- //message.WriteMessage(xmlTextWriter);
- //xmlTextWriter.Flush();
- //xmlTextWriter.Close();
- //String messageContent = stringWriter.ToString();
- #endif
- }
- public void AfterReceiveReply(ref Message reply, object
- correlationState)
- {
- #if DEBUG
- //// Leave empty
- //MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);
- //Message message = buffer.CreateMessage();
- ////Assign a copy to the ref received
- //reply = buffer.CreateMessage();
- //StringWriter stringWriter = new StringWriter();
- //XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter);
- //message.WriteMessage(xmlTextWriter);
- //xmlTextWriter.Flush();
- //xmlTextWriter.Close();
- //String messageContent = stringWriter.ToString();
- #endif
- }
- public object BeforeSendRequest(ref Message request,
- IClientChannel channel)
- {
- request = CredentialsHelper.AddCredentialsHeader(ref request);
- return null;
- }
- #region IDispatchMessageInspector Members
- #endregion
- }
- }
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Runtime.CompilerServices;
- using System.Text;
- using System.ServiceModel.Channels;
- using System.ServiceModel;
- namespace your_namespace
- {
- public class CredentialsHelper
- {
- // siple string is for example - you can use your data structure here
- private static readonly string CredentialsHeaderName = "MyCredentials";
- private static readonly string CredentialsHeaderNamespace = "urn:Urn_probably_like_your_namespance";
- /// <summary>
- /// Update message with credentials
- /// </summary>
- public static Message AddCredentialsHeader(ref Message request)
- {
- string user = "John";
- string password = "Doe";
- string cred = string.Format("{0},{1}", user, password);
- // Add header
- MessageHeader<string> header = new MessageHeader<string>(cred);
- MessageHeader untyped = header.GetUntypedHeader(CredentialsHeaderName, CredentialsHeaderNamespace);
- request = request.CreateBufferedCopy(int.MaxValue).CreateMessage();
- request.Headers.Add(untyped);
- return request;
- }
- /// <summary>
- /// Get details of current credentials from client-side added incoming headers
- ///
- /// Return empty credentials when empty credentials specified
- /// or when exception was occurred
- /// </summary>
- public static string GetCredentials()
- {
- string credentialDetails = string.Empty;
- try
- {
- credentialDetails = OperationContext.Current.IncomingMessageHeaders.
- GetHeader<string>
- (CredentialsHeaderName, CredentialsHeaderNamespace);
- }
- catch
- {
- // TODO: ...
- }
- return credentialDetails;
- }
- }
- }
- public void MyServerSideMethod()
- {
- string credentials = CredentialsHelper.GetCredentials();
- . . .
- }
- public class MyServiceAuthorizationManager: System.ServiceModel.ServiceAuthorizationManager
- {
- public override bool CheckAccess(OperationContext operationContext, ref Message message)
- {
- var reqProp = message.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
- var authHeader = reqProp.Headers[HttpRequestHeader.Authorization];
- var authorized = // decide if this message is authorized...
- if (!authorized)
- {
- var webContext = new WebOperationContext(operationContext);
- webContext.OutgoingResponse.StatusCode = HttpStatusCode.Unauthorized;
- webContext.OutgoingResponse.Headers.Add(HttpResponseHeader.WwwAuthenticate, String.Format("Bearer realm="{0}"", baseUri.AbsoluteUri));
- }
- return authorized;
- }
- }
- restAPIServiceHost = new DataServiceHost(typeof(API.RestAPIService), restUris);
- var saz = restAPIServiceHost.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
- if (saz == null)
- {
- saz = new ServiceAuthorizationBehavior();
- restAPIServiceHost.Description.Behaviors.Add(saz);
- }
- saz.ServiceAuthorizationManager = new MyServiceAuthorizationManager();
- restAPIServiceHost.Open();
- <system.serviceModel>
- <services>
- <service behaviorConfiguration="DefaultServiceBehavior" name="MyService">
- <endpoint address="basic" binding="basicHttpBinding" bindingConfiguration="BasicAuthenticationBinding" name="MyEndpoint" contract="MyContract" />
- </service>
- </services>
- <bindings>
- <basicHttpBinding>
- <binding name="BasicAuthenticationBinding">
- <security mode="Transport">
- <transport clientCredentialType="Basic" />
- </security>
- </binding>
- </basicHttpBinding>
- </bindings>
- </system.serviceModel>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement