zydronium/websitepanel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial project's source code check-in.

Browse source
This commit is contained in:
ptsurbeleu 2011-07-13 16:07:32 -07:00
commit b03b0b373f
4573 changed files with 981205 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

97
WebsitePanel/Sources/WebsitePanel.Server/Code/AutoDiscoveryHelper.cs Normal file
View file

@ -0,0 +1,97 @@
// Copyright (c) 2011, Outercurve Foundation.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification,
// are permitted provided that the following conditions are met:
//
// - Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
//
// - Neither the name of the Outercurve Foundation nor the names of its
// contributors may be used to endorse or promote products derived from this
// software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
using System;
using System.Configuration;
using WebsitePanel.Providers;
using WebsitePanel.Providers.Common;
using WebsitePanel.Server.Utils;
using System.Reflection;
namespace WebsitePanel.Server.Code
{
public class AutoDiscoveryHelper
{
public const string DisableAutoDiscovery = "DisableAutoDiscovery";
public static BoolResult IsInstalled(string name)
{
Log.WriteStart("IsInstalled started. Name:{0}", name);
BoolResult res = new BoolResult {IsSuccess = true};
try
{
bool disableAutoDiscovery;
if (!bool.TryParse(ConfigurationManager.AppSettings[DisableAutoDiscovery], out disableAutoDiscovery))
disableAutoDiscovery = false;
if (disableAutoDiscovery)
{
res.Value = true;
}
else
{
if (string.IsNullOrEmpty(name))
{
res.IsSuccess = false;
res.ErrorCodes.Add(ErrorCodes.PROVIDER_NANE_IS_NOT_SPECIFIED);
return res;
}
Type providerType = Type.GetType(name);
IHostingServiceProvider provider = (IHostingServiceProvider)Activator.CreateInstance(providerType);
res.Value = provider.IsInstalled();
}
}
catch (Exception ex)
{
res.IsSuccess = false;
res.ErrorCodes.Add(ErrorCodes.CANNOT_CREATE_PROVIDER_INSTANCE);
Log.WriteError(ex);
}
finally
{
Log.WriteEnd("IsInstalled ended. Name:{0}", name);
}
return res;
}
public static string GetServerVersion()
{
object[] attrs = Assembly.GetExecutingAssembly().GetCustomAttributes(typeof(AssemblyInformationalVersionAttribute), true);
if (attrs.Length > 0)
return ((AssemblyInformationalVersionAttribute)attrs[0]).InformationalVersion;
else
return typeof(AutoDiscoveryHelper).Assembly.GetName().Version.ToString(3);
}
}
}

126
WebsitePanel/Sources/WebsitePanel.Server/Code/ServerConfiguration.cs Normal file
View file

@ -0,0 +1,126 @@
// Copyright (c) 2011, Outercurve Foundation.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification,
// are permitted provided that the following conditions are met:
//
// - Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
//
// - Neither the name of the Outercurve Foundation nor the names of its
// contributors may be used to endorse or promote products derived from this
// software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
using System;
using System.Data;
using System.Configuration;
using System.Collections.Generic;
using System.Web;
using System.Xml;
namespace WebsitePanel.Server
{
/// <summary>
/// Summary description for ServerConfiguration
/// </summary>
public class ServerConfiguration : IConfigurationSectionHandler
{
#region Public Properties
private static SecuritySettings security = null;
public static SecuritySettings Security
{
get
{
return security;
}
}
#endregion
private ServerConfiguration()
{
}
static ServerConfiguration()
{
LoadConfiguration();
}
private static void LoadConfiguration()
{
ConfigurationManager.GetSection("websitepanel.server");
}
public object Create(object parent, object configContext, System.Xml.XmlNode section)
{
// parse "security" section
XmlNode nodeSecurity = section.SelectSingleNode("security");
if (nodeSecurity == null)
throw new Exception("'websitepanel/security' section is missing");
security = new SecuritySettings();
security.ParseSection(nodeSecurity);
return null;
}
#region Inner Classes
public class SecuritySettings
{
private bool securityEnabled;
private string password;
public bool SecurityEnabled
{
get { return this.securityEnabled; }
set { this.securityEnabled = value; }
}
public string Password
{
get { return this.password; }
set { this.password = value; }
}
public void ParseSection(XmlNode section)
{
// enabled
XmlNode nodeEnabled = section.SelectSingleNode("enabled");
if (nodeEnabled == null)
throw new Exception("'websitepanel/security/enabled' node is missing");
if (nodeEnabled.Attributes["value"] == null)
throw new Exception("'websitepanel/security/enabled/@value' attribute is missing");
securityEnabled = true;
Boolean.TryParse(nodeEnabled.Attributes["value"].Value, out securityEnabled);
// password
XmlNode nodePassword = section.SelectSingleNode("password");
if (nodePassword == null)
throw new Exception("'websitepanel/security/password' node is missing");
if (nodePassword.Attributes["value"] == null)
throw new Exception("'websitepanel/security/password/@value' attribute is missing");
password = nodePassword.Attributes["value"].Value;
}
}
#endregion
}
}

74
WebsitePanel/Sources/WebsitePanel.Server/Code/ServerUsernameTokenManager.cs Normal file
View file

@ -0,0 +1,74 @@
// Copyright (c) 2011, Outercurve Foundation.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification,
// are permitted provided that the following conditions are met:
//
// - Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
//
// - Neither the name of the Outercurve Foundation nor the names of its
// contributors may be used to endorse or promote products derived from this
// software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
using System;
using System.Configuration;
using System.Diagnostics;
using System.Collections.Generic;
using System.Text;
using System.Xml;
using Microsoft.Web.Services3;
using Microsoft.Web.Services3.Design;
using Microsoft.Web.Services3.Security;
using Microsoft.Web.Services3.Security.Tokens;
namespace WebsitePanel.Server
{
public class ServerUsernameTokenManager : UsernameTokenManager
{
/// <summary>
/// Constructs an instance of this security token manager.
/// </summary>
public ServerUsernameTokenManager()
{
}
/// <summary>
/// Constructs an instance of this security token manager.
/// </summary>
/// <param name="nodes">An XmlNodeList containing XML elements from a configuration file.</param>
public ServerUsernameTokenManager(XmlNodeList nodes)
: base(nodes)
{
}
/// <summary>
/// Returns the password or password equivalent for the username provided.
/// </summary>
/// <param name="token">The username token</param>
/// <returns>The password (or password equivalent) for the username</returns>
protected override string AuthenticateToken(UsernameToken token)
{
string password = ServerConfiguration.Security.Password;
if (String.IsNullOrEmpty(password))
throw new Exception("Empty password");
return password;
}
}
}

187
WebsitePanel/Sources/WebsitePanel.Server/Code/UsernameAssertion.cs Normal file
View file

@ -0,0 +1,187 @@
// Copyright (c) 2011, Outercurve Foundation.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification,
// are permitted provided that the following conditions are met:
//
// - Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
//
// - Neither the name of the Outercurve Foundation nor the names of its
// contributors may be used to endorse or promote products derived from this
// software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
using System;
using System.Configuration;
using System.Xml;
using System.Diagnostics;
using System.Collections.Generic;
using System.Text;
using System.Web;
using Microsoft.Web.Services3;
using Microsoft.Web.Services3.Design;
using Microsoft.Web.Services3.Security;
using Microsoft.Web.Services3.Security.Tokens;
namespace WebsitePanel.Server
{
public class UsernameAssertion : SecurityPolicyAssertion
{
public override SoapFilter CreateServiceInputFilter(FilterCreationContext context)
{
return new ServiceInputFilter(this, context);
}
public override SoapFilter CreateServiceOutputFilter(FilterCreationContext context)
{
return null;
}
public override SoapFilter CreateClientInputFilter(FilterCreationContext context)
{
// this assertion is intended to work only on service side
return null;
}
public override SoapFilter CreateClientOutputFilter(FilterCreationContext context)
{
// this assertion is intended to work only on service side
return null;
}
public override void ReadXml(XmlReader reader, IDictionary<string, Type> extensions)
{
if (reader == null)
throw new ArgumentNullException("reader");
if (extensions == null)
throw new ArgumentNullException("extensions");
// find the current extension
string tagName = null;
foreach (string extName in extensions.Keys)
{
if (extensions[extName] == typeof(UsernameAssertion))
{
tagName = extName;
break;
}
}
// read the first element (maybe empty)
reader.ReadStartElement(tagName);
}
public override void WriteXml(XmlWriter writer)
{
// Typically this is not needed for custom policies
}
#region ServiceInputFilter
public class ServiceInputFilter : ReceiveSecurityFilter
{
UsernameAssertion parentAssertion;
FilterCreationContext filterContext;
public ServiceInputFilter(UsernameAssertion parentAssertion, FilterCreationContext filterContext)
: base(parentAssertion.ServiceActor, false, parentAssertion.ClientActor)
{
this.parentAssertion = parentAssertion;
this.filterContext = filterContext;
}
public override void ValidateMessageSecurity(SoapEnvelope envelope, Security security)
{
if (!ServerConfiguration.Security.SecurityEnabled)
return;
// by default we consider that SOAP messages is not signed
bool IsSigned = false;
// if security element is null
// the call is made not from WSE-enabled client
if (security != null)
{
foreach (ISecurityElement element in security.Elements)
{
if (element is MessageSignature)
{
// The given context contains a Signature element.
MessageSignature sign = element as MessageSignature;
if (CheckSignature(envelope, security, sign))
{
// The SOAP message is signed.
if (sign.SigningToken is UsernameToken)
{
UsernameToken token = sign.SigningToken as UsernameToken;
// The SOAP message is signed
// with a UsernameToken.
IsSigned = true;
}
}
}
}
}
// throw an exception if the message did not pass all the tests
if (!IsSigned)
throw new SecurityFault("Message did not meet security requirements.");
}
private bool CheckSignature(SoapEnvelope envelope, Security security, MessageSignature signature)
{
//
// Now verify which parts of the message were actually signed.
//
SignatureOptions actualOptions = signature.SignatureOptions;
SignatureOptions expectedOptions = SignatureOptions.IncludeSoapBody;
if (security != null && security.Timestamp != null)
expectedOptions |= SignatureOptions.IncludeTimestamp;
//
// The <Action> and <To> are required addressing elements.
//
expectedOptions |= SignatureOptions.IncludeAction;
expectedOptions |= SignatureOptions.IncludeTo;
if (envelope.Context.Addressing.FaultTo != null && envelope.Context.Addressing.FaultTo.TargetElement != null)
expectedOptions |= SignatureOptions.IncludeFaultTo;
if (envelope.Context.Addressing.From != null && envelope.Context.Addressing.From.TargetElement != null)
expectedOptions |= SignatureOptions.IncludeFrom;
if (envelope.Context.Addressing.MessageID != null && envelope.Context.Addressing.MessageID.TargetElement != null)
expectedOptions |= SignatureOptions.IncludeMessageId;
if (envelope.Context.Addressing.RelatesTo != null && envelope.Context.Addressing.RelatesTo.TargetElement != null)
expectedOptions |= SignatureOptions.IncludeRelatesTo;
if (envelope.Context.Addressing.ReplyTo != null && envelope.Context.Addressing.ReplyTo.TargetElement != null)
expectedOptions |= SignatureOptions.IncludeReplyTo;
//
// Check if the all the expected options are the present.
//
return ((expectedOptions & actualOptions) == expectedOptions);
}
}
#endregion
}
}