Problem description
Hi,
I am trying to achieve the following:
1. Client calls an STS.
2. STS returns a saml token
3. The client calls any service providing the token.
For steps 1 and 2, I use regular WCF, nothing special, just serializing the saml token returned from the STS.
For step 3 I use client/service credentials, token manager, token serializer, authorization policy etc...
With step 3 I am trying to achieve:
1. The client sends the token he got from the STS
2. The service gets the token via the authorization context
What is the best way to achieve this?
One more thing: How do I apply the token parameter to an existing binding using the config? In other words, how do I make the following code but via the config (I can't use coding):
HttpTransportBindingElement httpTransport = new HttpTransportBindingElement();
// the message security binding element will be configured to require a credit card
// token that is encrypted with the service's certificate
SymmetricSecurityBindingElement messageSecurity = new SymmetricSecurityBindingElement();
messageSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new CreditCardTokenParameters());
X509SecurityTokenParameters x509ProtectionParameters = new X509SecurityTokenParameters();
x509ProtectionParameters.InclusionMode = SecurityTokenInclusionMode.Never;
messageSecurity.ProtectionTokenParameters = x509ProtectionParameters;
return new CustomBinding(messageSecurity, httpTransport);
I am using .NET 3.5, cannot use WIF. Unfortunately, I cannot use federation, this is not an option as the service is peer-to-peer and the federation bindings are client server.
Recommended answer
HttpTransportBindingElement httpTransport = new HttpTransportBindingElement();
// the message security binding element will be configured to require a credit card
// token that is encrypted with the service's certificate
SymmetricSecurityBindingElement messageSecurity = new SymmetricSecurityBindingElement();
messageSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new CreditCardTokenParameters());
X509SecurityTokenParameters x509ProtectionParameters = new X509SecurityTokenParameters();
x509ProtectionParameters.InclusionMode = SecurityTokenInclusionMode.Never;
messageSecurity.ProtectionTokenParameters = x509ProtectionParameters;
return new CustomBinding(messageSecurity, httpTransport);
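One way to make the binding from the question available through configuration is to wrap the security element in a binding element extension and reference it from a customBinding. This is an added example, not code from the original post: the namespace, class name, assembly name, and config names are hypothetical, and CreditCardTokenParameters is assumed to be the asker's existing class in the same assembly.

```csharp
using System;
using System.ServiceModel.Channels;
using System.ServiceModel.Configuration;
using System.ServiceModel.Security.Tokens;

namespace Example.Security // hypothetical namespace
{
    // Config-visible factory for the message security element built in the question.
    // CreditCardTokenParameters is the asker's own type and is not defined here.
    public class CreditCardSecurityElement : BindingElementExtensionElement
    {
        public override Type BindingElementType
        {
            get { return typeof(SymmetricSecurityBindingElement); }
        }

        protected override BindingElement CreateBindingElement()
        {
            SymmetricSecurityBindingElement messageSecurity = new SymmetricSecurityBindingElement();
            // Same supporting token requirement as the code in the question.
            messageSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new CreditCardTokenParameters());

            // Protection token: the service certificate, referenced but never sent in the message.
            X509SecurityTokenParameters x509ProtectionParameters = new X509SecurityTokenParameters();
            x509ProtectionParameters.InclusionMode = SecurityTokenInclusionMode.Never;
            messageSecurity.ProtectionTokenParameters = x509ProtectionParameters;
            return messageSecurity;
        }
    }
}

/* Matching configuration (all names hypothetical). The transport element must stay last.
<system.serviceModel>
  <extensions>
    <bindingElementExtensions>
      <add name="creditCardSecurity"
           type="Example.Security.CreditCardSecurityElement, ExampleAssembly" />
    </bindingElementExtensions>
  </extensions>
  <bindings>
    <customBinding>
      <binding name="creditCardBinding">
        <creditCardSecurity />
        <httpTransport />
      </binding>
    </customBinding>
  </bindings>
</system.serviceModel>
*/
```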