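Is it possible to change the security token server used by the client at runtime?
I have a working METRO 2.3 client for a .NET service that is secured using the Security Token Service of Active Directory Federation Services. Everything is configured using XML files. The service is provided on two identical servers: one for testing and one for production.
Is it possible to switch servers at runtime?
My shortened wsit-client.xml: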
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/">
<import location="mex.xml" namespace="http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice"/>
<import location="myservice.svc.xml" namespace="http://namespace.org/"/>
</definitions>
The important part of my mex.xml:
<wsdl:definitions name="SecurityTokenService"
targetNamespace="http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
xmlns:wsa10="http://www.w3.org/2005/08/addressing"
xmlns:wsp1="http://www.w3.org/ns/ws-policy"
xmlns:tc="http://schemas.sun.com/ws/2006/05/trust/client">
<wsdl:service name="SecurityTokenService">
<wsdl:port name="IssuedTokenWSTrustBinding_IWSTrust13Async" binding="tns:IssuedTokenWSTrustBinding_IWSTrust13Async">
<soap12:address location="http://login.test.miljoeportal.dk/adfs/services/trust/13/issuedtokensymmetricbasic256sha256"/>
<wsa10:EndpointReference>
<wsa10:Address>http://login.test.theserver.com/adfs/services/trust/13/issuedtokensymmetricbasic256sha256</wsa10:Address>
<Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>THECERTIFICATE</X509Certificate>
</X509Data>
</KeyInfo>
</Identity>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
<wsp1:Policy wsu:Id="IssuedTokenWSTrustBinding_IWSTrust13AsyncPolicy">
<wsp1:ExactlyOne>
<wsp1:All>
<tc:PreconfiguredSTS wspp:visibility="private"
endpoint= "http://login.test.theserver.com/adfs/services/trust/13/username"
wsdlLocation="https://login.test.theserver.com/adfs/services/trust/mex"
metadata= "https://login.test.theserver.com/adfs/services/trust/mex"
serviceName="SecurityTokenService"
portName="UserNameWSTrustBinding_IWSTrust_13Async"
wstVersion="http://docs.oasis-open.org/ws-sx/ws-trust/200512"/>
</wsp1:All>
</wsp1:ExactlyOne>
</wsp1:Policy>
</wsdl:definitions>
Is it possible to change the http://login.test.theserver.com URL to http://login.prod.theserver.com at runtime?
Answer 0 (score: 1)
These parameters can be set like this:
import java.util.Map;
import javax.xml.ws.BindingProvider;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;

// Create the generated service and fetch its port (myserviceinterface is a field of the port's interface type).
MyServices s = new MyServices();
myserviceinterface = s.getMyService();
// Per-port request context: values set here override the XML configuration for this port.
Map<String, Object> context = ((BindingProvider) myserviceinterface).getRequestContext();
// Address of the service itself.
context.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://service.theserver.com/wsdl");
// Address and WSDL coordinates of the security token service.
String stsEndpoint = "http://login.theserver.com/adfs/services/trust/13/username";
String stsWSDLLocation = "https://login.theserver.com/adfs/services/trust/mex";
String stsServiceName = "SecurityTokenService";
String stsPortName = "UserNameWSTrustBinding_IWSTrust13Async";
String stsNamespace = "http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice";
context.put(STSIssuedTokenConfiguration.STS_ENDPOINT, stsEndpoint);
context.put(STSIssuedTokenConfiguration.STS_NAMESPACE, stsNamespace);
context.put(STSIssuedTokenConfiguration.STS_WSDL_LOCATION, stsWSDLLocation);
context.put(STSIssuedTokenConfiguration.STS_SERVICE_NAME, stsServiceName);
context.put(STSIssuedTokenConfiguration.STS_PORT_NAME, stsPortName);
I have not found a way to change the keystore settings at runtime.
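
An added example, not part of the original question or answer: one way to make the runtime switch select only from a fixed set of STS hosts, so that an external setting can pick test or production but cannot redirect token requests (and the credentials sent with them) to an arbitrary URL. The class name `StsSwitch`, the enum `Env` and the system property `sts.env` are hypothetical; the hosts, paths, service name and port name are the ones shown on this page, and Metro must be on the classpath for `STSIssuedTokenConfiguration`.

```java
import java.net.URI;
import java.util.HashMap;
import java.util.Map;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;

/** Added example: switches the STS between a fixed set of environments. */
public class StsSwitch {

    /** The only STS hosts the client may talk to (the two hosts named in the question). */
    public enum Env {
        TEST("login.test.theserver.com"),
        PROD("login.prod.theserver.com");

        final String host;
        Env(String host) { this.host = host; }

        /** Maps an external setting (system property, CLI flag) to a known environment. */
        static Env parse(String name) {
            for (Env e : values()) {
                if (e.name().equalsIgnoreCase(name)) return e;
            }
            throw new IllegalArgumentException("Unknown STS environment: " + name);
        }
    }

    /** Writes all five STS properties together so endpoint and metadata never point at different hosts. */
    public static void apply(Map<String, Object> requestContext, Env env) {
        String base = env.host + "/adfs/services/trust";
        // Schemes are kept exactly as they appear in the question's configuration.
        requestContext.put(STSIssuedTokenConfiguration.STS_ENDPOINT, "http://" + base + "/13/username");
        requestContext.put(STSIssuedTokenConfiguration.STS_WSDL_LOCATION, "https://" + base + "/mex");
        requestContext.put(STSIssuedTokenConfiguration.STS_SERVICE_NAME, "SecurityTokenService");
        requestContext.put(STSIssuedTokenConfiguration.STS_PORT_NAME, "UserNameWSTrustBinding_IWSTrust13Async");
        requestContext.put(STSIssuedTokenConfiguration.STS_NAMESPACE,
                "http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice");
    }

    public static void main(String[] args) {
        // Stand-in for ((BindingProvider) port).getRequestContext(); no service call is made here.
        Map<String, Object> ctx = new HashMap<>();
        // "sts.env" is a hypothetical property name; unknown values are rejected by parse().
        apply(ctx, Env.parse(System.getProperty("sts.env", "test")));
        System.out.println(URI.create((String) ctx.get(STSIssuedTokenConfiguration.STS_ENDPOINT)).getHost());
    }
}
```

In a real client, pass `((BindingProvider) port).getRequestContext()` to `apply` before the first call on the port.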