Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

WCF Service Behavior Example: IPFilter - Allow/Deny Access by IP Address

, 15 Jun 2009 CPOL
WCF Service Behavior Example: IPFilter - Allow/Deny Access by IP Address
IPFilterExample.zip
IPFilterTests
bin
Debug
IPFilter.dll
IPFilterTests.dll
Configuration
Mock
Properties
TestWebsite
App_Data
bin
IPFilter.dll
IPFilter.pdb
TestWebsite.dll
TestWebsite.pdb
Filtered
Properties
TestWebsite.csproj.user
IPFilterExample.suo
IPFilterExample.vsmdi
IPFilterExample1.vsmdi
IPFilterExample2.vsmdi
LocalTestRun.testrunconfig
IPFilter
bin
Debug
IPFilter.dll
Configuration
Properties
IPFilterExamples.zip
IPFilterExample3.vsmdi
LocalTestRun.testrunconfig
IPFilter.dll
IPFilter.csproj.user
IPFilter.dll
IPFilterTests.dll
IPFilter.dll
IPFilter.pdb
TestWebsite.dll
TestWebsite.pdb
TestWebsite.csproj.user
IPFilterExample.vsmdi
IPFilterExample1.vsmdi
IPFilterExample2.vsmdi
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel.Dispatcher;
using System.ServiceModel.Description;
using System.ServiceModel.Channels;
using System.ServiceModel;
using System.Net;
using System.Configuration;
using System.ServiceModel.Configuration;
using IPFiltering.Configuration;

namespace IPFiltering
{
    public class IPFilterServiceBehavior : IDispatchMessageInspector, IServiceBehavior
    {
        private static readonly object _httpAccessDeined = new object();
        private static readonly object _accessDenied = new object();
        private IPFilter _verifier;

        /// <summary>
        /// Initializes a new instance of the <see cref="IPFilterServiceBehavior"/> class.
        /// </summary>
        /// <param name="filterName">Name of the filter.</param>
        public IPFilterServiceBehavior(string filterName)
        {
            _verifier = Configuration.FilterFactory.Create(IPFilterConfiguration.Default.Filters[filterName]);
        }

        /// <summary>
        /// Called after an inbound message has been received but before the message is dispatched to the intended operation.
        /// </summary>
        /// <param name="request">The request message.</param>
        /// <param name="channel">The incoming channel.</param>
        /// <param name="instanceContext">The current service instance.</param>
        /// <returns>
        /// The object used to correlate state. This object is passed back in the <see cref="M:System.ServiceModel.Dispatcher.IDispatchMessageInspector.BeforeSendReply(System.ServiceModel.Channels.Message@,System.Object)"/> method.
        /// </returns>
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            // RemoteEndpointMessageProperty new in 3.5 allows us to get the remote endpoint address.
            RemoteEndpointMessageProperty remoteEndpoint = request.Properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;

            // The address is a string so we have to parse to get as a number
            IPAddress address = IPAddress.Parse(remoteEndpoint.Address);

            // If ip address is denied clear the request mesage so service method does not get execute
            if (_verifier.CheckAddress(address) == IPFilterType.Deny)
            {
                request = null;
                return (channel.LocalAddress.Uri.Scheme.Equals(Uri.UriSchemeHttp) ||
                    channel.LocalAddress.Uri.Scheme.Equals(Uri.UriSchemeHttps)) ?
                    _httpAccessDeined : _accessDenied;
            }

            return null;
        }

        /// <summary>
        /// Called after the operation has returned but before the reply message is sent.
        /// </summary>
        /// <param name="reply">The reply message. This value is null if the operation is one way.</param>
        /// <param name="correlationState">The correlation object returned from the <see cref="M:System.ServiceModel.Dispatcher.IDispatchMessageInspector.AfterReceiveRequest(System.ServiceModel.Channels.Message@,System.ServiceModel.IClientChannel,System.ServiceModel.InstanceContext)"/> method.</param>
        public void BeforeSendReply(ref Message reply, object correlationState)
        {
            if (correlationState == _httpAccessDeined)
            {
                HttpResponseMessageProperty responseProperty = new HttpResponseMessageProperty();
                responseProperty.StatusCode = (HttpStatusCode)401;
                reply.Properties["httpResponse"] = responseProperty;                
            }
        }

        /// <summary>
        /// Provides the ability to pass custom data to binding elements to support the contract implementation.
        /// </summary>
        /// <param name="serviceDescription">The service description of the service.</param>
        /// <param name="serviceHostBase">The host of the service.</param>
        /// <param name="endpoints">The service endpoints.</param>
        /// <param name="bindingParameters">Custom objects to which binding elements have access.</param>
        public void AddBindingParameters(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase, System.Collections.ObjectModel.Collection<ServiceEndpoint> endpoints, System.ServiceModel.Channels.BindingParameterCollection bindingParameters)
        {

        }
        
        /// <summary>
        /// Provides the ability to change run-time property values or insert custom extension objects such as error handlers, message or parameter interceptors, security extensions, and other custom extension objects.
        /// </summary>
        /// <param name="serviceDescription">The service description.</param>
        /// <param name="serviceHostBase">The host that is currently being built.</param>
        public void ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
        {
            foreach (ChannelDispatcher channelDispatcher in serviceHostBase.ChannelDispatchers)
            {
                foreach (EndpointDispatcher endpointDispatcher in channelDispatcher.Endpoints)
                {
                    endpointDispatcher.DispatchRuntime.MessageInspectors.Add(this);
                }
            }  
        }

        /// <summary>
        /// Provides the ability to inspect the service host and the service description to confirm that the service can run successfully.
        /// </summary>
        /// <param name="serviceDescription">The service description.</param>
        /// <param name="serviceHostBase">The service host that is currently being constructed.</param>
        public void Validate(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
        {
            
        }

    }

    public class IPFilterBehaviorExtension : BehaviorExtensionElement
    {
        /// <summary>
        /// Gets or sets the name of the filter.
        /// </summary>
        /// <value>The name of the filter.</value>
        [ConfigurationProperty("filterName", IsRequired = true)]
        public virtual string FilterName
        {
            get
            {
                return this["filterName"] as string;
            }
            set
            {

                this["providerName"] = value;
            }
        }
        /// <summary>
        /// Gets the type of behavior.
        /// </summary>
        /// <value></value>
        /// <returns>A <see cref="T:System.Type"/>.</returns>
        public override Type BehaviorType
        {
            get
            {
                return typeof(IPFilterServiceBehavior);
            }
        }

        /// <summary>
        /// Creates a behavior extension based on the current configuration settings.
        /// </summary>
        /// <returns>The behavior extension.</returns>
        protected override object CreateBehavior()
        {
            return new IPFilterServiceBehavior(this.FilterName);
        }
    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Ziad Elmalki

United States United States
No Biography provided

| Advertise | Privacy | Mobile
Web02 | 2.8.141029.1 | Last Updated 16 Jun 2009
Article Copyright 2009 by Ziad Elmalki
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid