API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 28th, 2016
136
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.01 KB | None | 0 0
raw download clone embed print report
  1. <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" mustUnderstand="1">
  2. <Timestamp Id="_0">
  3. <Created>
  4. 2013-04-05T16:35:07.341Z</Created>
  5. <Expires>2013-04-05T16:40:07.341Z</Expires>
  6. </Timestamp>
  7. <o:UsernameToken Id="uuid-ac5ffd20-8137-4524-8ea9-3f4f55c0274c-12">
  8. <o:Username>someusername</o:Username>
  9. <o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">somepassword
  10. </o:Password>
  11. </o:UsernameToken>
  12. </o:Security>
  13.  
  14. using System;
  15. using System.Collections.Generic;
  16. using System.IO;
  17. using System.Text;
  18. using System.ServiceModel.Dispatcher;
  19. using System.ServiceModel.Channels;
  20. using System.ServiceModel;
  21. using System.Xml;
  22.  
  23. namespace your_namespace
  24. {
  25.  
  26.  
  27. /// <summary>
  28. /// /************************************
  29. /// *
  30. /// * Creating Message inspector for
  31. /// * updating all outgoing messages with Caller identifier header
  32. /// * read http://msdn.microsoft.com/en-us/magazine/cc163302.aspx
  33. /// * for more details
  34. /// *
  35. /// *********************/
  36. /// </summary>
  37. public class CredentialsMessageInspector : IDispatchMessageInspector,
  38. IClientMessageInspector
  39. {
  40. public object AfterReceiveRequest(ref Message request,
  41. IClientChannel channel,
  42. InstanceContext instanceContext)
  43. {
  44. return null;
  45. }
  46.  
  47. public void BeforeSendReply(ref Message reply, object
  48. correlationState)
  49. {
  50. #if DEBUG
  51. //// Leave empty
  52. //MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);
  53. //Message message = buffer.CreateMessage();
  54. ////Assign a copy to the ref received
  55. //reply = buffer.CreateMessage();
  56.  
  57.  
  58. //StringWriter stringWriter = new StringWriter();
  59. //XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter);
  60. //message.WriteMessage(xmlTextWriter);
  61. //xmlTextWriter.Flush();
  62. //xmlTextWriter.Close();
  63.  
  64. //String messageContent = stringWriter.ToString();
  65. #endif
  66. }
  67.  
  68. public void AfterReceiveReply(ref Message reply, object
  69. correlationState)
  70. {
  71. #if DEBUG
  72. //// Leave empty
  73. //MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);
  74. //Message message = buffer.CreateMessage();
  75. ////Assign a copy to the ref received
  76. //reply = buffer.CreateMessage();
  77.  
  78.  
  79. //StringWriter stringWriter = new StringWriter();
  80. //XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter);
  81. //message.WriteMessage(xmlTextWriter);
  82. //xmlTextWriter.Flush();
  83. //xmlTextWriter.Close();
  84.  
  85. //String messageContent = stringWriter.ToString();
  86. #endif
  87. }
  88.  
  89. public object BeforeSendRequest(ref Message request,
  90. IClientChannel channel)
  91. {
  92. request = CredentialsHelper.AddCredentialsHeader(ref request);
  93. return null;
  94. }
  95.  
  96. #region IDispatchMessageInspector Members
  97.  
  98. #endregion
  99. }
  100. }
  101.  
  102. using System;
  103. using System.Collections.Generic;
  104. using System.Linq;
  105. using System.Runtime.CompilerServices;
  106. using System.Text;
  107. using System.ServiceModel.Channels;
  108. using System.ServiceModel;
  109.  
  110. namespace your_namespace
  111. {
  112.  
  113. public class CredentialsHelper
  114. {
  115. // siple string is for example - you can use your data structure here
  116. private static readonly string CredentialsHeaderName = "MyCredentials";
  117. private static readonly string CredentialsHeaderNamespace = "urn:Urn_probably_like_your_namespance";
  118.  
  119. /// <summary>
  120. /// Update message with credentials
  121. /// </summary>
  122. public static Message AddCredentialsHeader(ref Message request)
  123. {
  124.  
  125. string user = "John";
  126. string password = "Doe";
  127.  
  128. string cred = string.Format("{0},{1}", user, password);
  129.  
  130. // Add header
  131. MessageHeader<string> header = new MessageHeader<string>(cred);
  132. MessageHeader untyped = header.GetUntypedHeader(CredentialsHeaderName, CredentialsHeaderNamespace);
  133.  
  134. request = request.CreateBufferedCopy(int.MaxValue).CreateMessage();
  135. request.Headers.Add(untyped);
  136.  
  137. return request;
  138. }
  139.  
  140. /// <summary>
  141. /// Get details of current credentials from client-side added incoming headers
  142. ///
  143. /// Return empty credentials when empty credentials specified
  144. /// or when exception was occurred
  145. /// </summary>
  146. public static string GetCredentials()
  147. {
  148. string credentialDetails = string.Empty;
  149. try
  150. {
  151. credentialDetails = OperationContext.Current.IncomingMessageHeaders.
  152. GetHeader<string>
  153. (CredentialsHeaderName, CredentialsHeaderNamespace);
  154. }
  155. catch
  156. {
  157. // TODO: ...
  158. }
  159. return credentialDetails;
  160. }
  161.  
  162. }
  163. }
  164.  
  165. public void MyServerSideMethod()
  166. {
  167. string credentials = CredentialsHelper.GetCredentials();
  168. . . .
  169. }
  170.  
  171. public class MyServiceAuthorizationManager: System.ServiceModel.ServiceAuthorizationManager
  172. {
  173. public override bool CheckAccess(OperationContext operationContext, ref Message message)
  174. {
  175. var reqProp = message.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
  176. var authHeader = reqProp.Headers[HttpRequestHeader.Authorization];
  177.  
  178. var authorized = // decide if this message is authorized...
  179.  
  180. if (!authorized)
  181. {
  182. var webContext = new WebOperationContext(operationContext);
  183. webContext.OutgoingResponse.StatusCode = HttpStatusCode.Unauthorized;
  184. webContext.OutgoingResponse.Headers.Add(HttpResponseHeader.WwwAuthenticate, String.Format("Bearer realm="{0}"", baseUri.AbsoluteUri));
  185. }
  186.  
  187. return authorized;
  188. }
  189. }
  190.  
  191. restAPIServiceHost = new DataServiceHost(typeof(API.RestAPIService), restUris);
  192.  
  193. var saz = restAPIServiceHost.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
  194. if (saz == null)
  195. {
  196. saz = new ServiceAuthorizationBehavior();
  197. restAPIServiceHost.Description.Behaviors.Add(saz);
  198. }
  199.  
  200. saz.ServiceAuthorizationManager = new MyServiceAuthorizationManager();
  201.  
  202. restAPIServiceHost.Open();
  203.  
  204. <system.serviceModel>
  205. <services>
  206. <service behaviorConfiguration="DefaultServiceBehavior" name="MyService">
  207. <endpoint address="basic" binding="basicHttpBinding" bindingConfiguration="BasicAuthenticationBinding" name="MyEndpoint" contract="MyContract" />
  208. </service>
  209. </services>
  210. <bindings>
  211. <basicHttpBinding>
  212. <binding name="BasicAuthenticationBinding">
  213. <security mode="Transport">
  214. <transport clientCredentialType="Basic" />
  215. </security>
  216. </binding>
  217. </basicHttpBinding>
  218. </bindings>
  219. </system.serviceModel>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!