Click or drag to resize

SecurityPolicy Class

Represents an authorization policy that can be used by WCF services for enabling role-based security.
Inheritance Hierarchy
SystemObject
  GSF.ServiceModelSecurityPolicy
    GSF.ServiceBusServiceBusSecurityPolicy

Namespace: GSF.ServiceModel
Assembly: GSF.ServiceModel (in GSF.ServiceModel.dll) Version: 2.4.207-beta
Syntax
public class SecurityPolicy : IAuthorizationPolicy, 
	IAuthorizationComponent
View Source

The SecurityPolicy type exposes the following members.

Constructors
 NameDescription
Public methodSecurityPolicy Initializes a new instance of the SecurityPolicy class.
Top
Properties
 NameDescription
Public propertyId Gets the identifier of this SecurityPolicy instance.
Public propertyIssuer Gets a claim set that represents the issuer of this SecurityPolicy.
Top
Methods
 NameDescription
Public methodEqualsDetermines whether the specified object is equal to the current object.
(Inherited from Object)
Public methodEvaluate Evaluates the evaluationContext and initializes security.
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.
(Inherited from Object)
Public methodGetHashCodeServes as the default hash function.
(Inherited from Object)
Protected methodGetResourceName Gets the name of resource being accessed.
Public methodGetTypeGets the Type of the current instance.
(Inherited from Object)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object.
(Inherited from Object)
Public methodToStringReturns a string that represents the current object.
(Inherited from Object)
Top
Extension Methods
 NameDescription
Public Extension MethodGetEnumValueOrDefault Gets the enumeration constant for value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions)
Public Extension MethodGetEnumValueOrDefaultT Gets the enumeration constant for this value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions)
Top
Example
Common config file entries:
C#
<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="categorizedSettings" type="GSF.Configuration.CategorizedSettingsSection, GSF.Core" />
  </configSections>
  <categorizedSettings>
    <securityProvider>
      <add name="ApplicationName" value="" description="Name of the application being secured as defined in the backend security datastore."
        encrypted="false" />
      <add name="ConnectionString" value="" description="Connection string to be used for connection to the backend security datastore."
        encrypted="false" />
      <add name="ProviderType" value="GSF.Security.LdapSecurityProvider, GSF.Security"
        description="The type to be used for enforcing security." encrypted="false" />
      <add name="IncludedResources" value="*/*.*=*" description="Semicolon delimited list of resources to be secured along with role names."
        encrypted="false" />
      <add name="ExcludedResources" value="*/SecurityService.svc*"
        description="Semicolon delimited list of resources to be excluded from being secured."
        encrypted="false" />
      <add name="NotificationSmtpServer" value="localhost" description="SMTP server to be used for sending out email notification messages."
        encrypted="false" />
      <add name="NotificationSenderEmail" value="sender@company.com" description="Email address of the sender of email notification messages." 
        encrypted="false" />
    </securityProvider>
    <activeDirectory>
      <add name="PrivilegedDomain" value="" description="Domain of privileged domain user account."
        encrypted="false" />
      <add name="PrivilegedUserName" value="" description="Username of privileged domain user account."
        encrypted="false" />
      <add name="PrivilegedPassword" value="" description="Password of privileged domain user account."
        encrypted="true" />
    </activeDirectory>
  </categorizedSettings>
</configuration>
Internal WCF service configuration:
C#
<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <services>
      <service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior">
        <endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding" 
                  bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior" />
      </service>
    </services>
    <behaviors>
      <endpointBehaviors>
        <behavior name="endpointBehavior">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceAuthorization principalPermissionMode="Custom">
            <authorizationPolicies>
              <add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" />
            </authorizationPolicies>
          </serviceAuthorization>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <webHttpBinding>
        <binding name="endpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows"/>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="false" />
  </system.serviceModel>
</configuration>
External WCF service configuration:
C#
<?xml version="1.0"?>
<configuration>
  <system.web>
    <httpModules>
      <add name="SecurityModule" type="GSF.ServiceModel.SecurityModule, GSF.ServiceModel" />
    </httpModules>
  </system.web>
  <system.serviceModel>
    <services>
      <service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior">
        <endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding" 
                  bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior"/>
      </service>
    </services>
    <behaviors>
      <endpointBehaviors>
        <behavior name="endpointBehavior">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceAuthorization principalPermissionMode="Custom">
            <authorizationPolicies>
              <add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" />
            </authorizationPolicies>
          </serviceAuthorization>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <webHttpBinding>
        <binding name="endpointBinding">
          <security mode="None" />
        </binding>
      </webHttpBinding>
    </bindings>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
  </system.serviceModel>
</configuration>
See Also