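ACS Management Service

Time: 2013-04-07 15:07:16

Tags: azure acs

I have (manually) created a topic named 'testtopic' at the root level. I am trying to programmatically obtain a SWT from the ACS Management Service, and then use that SWT to send a message to the 'testtopic' topic. To retrieve the SWT, I use the following code: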

    using System;
    using System.Collections.Specialized;
    using System.Linq;
    using System.Net;
    using System.Text;
    using System.Web;

    var client = new WebClient();
    client.BaseAddress = "https://connectedcloudapps.accesscontrol.windows.net";

    // WRAP v0.9 password request: service identity name, its password, and the scope (realm)
    var values = new NameValueCollection
    {
        {"wrap_name", "publisher"},
        {"wrap_password", "password"},
        {"wrap_scope", "https://connectedcloudapps.servicebus.windows.net/testtopic/"}
    };

    // WebClient takes care of the URL Encoding
    byte[] responseBytes = client.UploadValues("WRAPv0.9", "POST", values);

    // The response is form-encoded; pull out and decode the wrap_access_token field
    string response = Encoding.UTF8.GetString(responseBytes);
    var token = HttpUtility.UrlDecode(response
        .Split('&')
        .Single(value => value.StartsWith("wrap_access_token=", StringComparison.OrdinalIgnoreCase))
        .Split('=')[1]);

The above works fine, as I receive a SWT back. Great... I think.

The following is the configuration of the service identity, rules, etc.:

Service identity
Name: publisher
Type: Password
Effective Date: 4/5/2013
Expiration Date: 4/5/2014

Rule group:
Name: publisherrule
Used by the following relying party applications: publisher rp
Rules (net.windows.servicebus.action):
IF
Input claim issuer: Access Control Service
Input claim type: nameidentifier
Input claim value: publisher
THEN
Output claim type: net.windows.servicebus.action
Output claim value: Send

Relying Party Applications
Name: publisher rp
Realm: https://connectedcloudapps.servicebus.windows.net/testtopic
Return URL: <empty>
Error URL: <empty>
Token format: SWT
Token lifetime (secs): 600
Authentication Settings
Identity providers:
<No Identity providers selected>

Rule groups:
Select the rule groups to use for this relying party application when processing claims.
'pubishrule' is selected via checkbox
Token Signing Keys:
Service Namespace Symmetric Key

With everything configured, I use the following, which I have modified many, many times, but I cannot get it to send to the topic:

    var tokenProvider = TokenProvider.CreateSimpleWebTokenProvider(token); // token is what was retrieved in the above code
    var factory = MessagingFactory.Create(ServiceBusEnvironment.CreateServiceUri("sb", "connectedcloudapps", string.Empty), tokenProvider);
    var sender = factory.CreateTopicClient("testtopic");
    var msg = new BrokeredMessage("Yahoooooooo");
    try
    {
        sender.Send(msg);
    }
    catch (Exception ex)
    {
        // The original snippet ends at the try block; this handler only prints the exception
        Console.WriteLine(ex);
    }

The error I receive is:

  

    {System.UnauthorizedAccessException: The token provider was unable to provide a security token while accessing 'https://connectedcloudapps-sb.accesscontrol.windows.net/WRAPv0.9/'. Token provider returned message: 'Error:Code:401:SubCode:T2002:Detail:Audience is not valid.:TraceID:bcd601fc-ac1b-4c23-bd85-67d8aeda83df:TimeStamp:2013-04-07 17:13:58Z'.
     ---> System.IdentityModel.Tokens.SecurityTokenException: The token provider was unable to provide a security token while accessing 'https://connectedcloudapps-sb.accesscontrol.windows.net/WRAPv0.9/'. Token provider returned message: 'Error:Code:401:SubCode:T2002:Detail:Audience is not valid.:TraceID:bcd601fc-ac1b-4c23-bd85-67d8aeda83df:TimeStamp:2013-04-07 17:13:58Z'.
     ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.ServiceBus.TokenProviderHelper.GetAccessTokenCore(Uri requestUri, String appliesTo, String requestToken, String simpleAuthAssertionFormat, TimeSpan timeout, String& expiresIn)
       --- End of inner exception stack trace ---
       at Microsoft.ServiceBus.TokenProviderHelper.ThrowException(Uri requestUri, WebException exception)
       at Microsoft.ServiceBus.TokenProviderHelper.GetAccessTokenCore(Uri requestUri, String appliesTo, String requestToken, String simpleAuthAssertionFormat, TimeSpan timeout, String& expiresIn)
       at Microsoft.ServiceBus.TokenProviderHelper.GetAccessTokenByAssertion(Uri requestUri, String appliesTo, String requestToken, String simpleAuthAssertionFormat, TimeSpan timeout)
       at Microsoft.ServiceBus.SimpleWebTokenProvider.OnBeginGetToken(String appliesTo, String action, TimeSpan timeout, AsyncCallback callback, Object state)
       at Microsoft.ServiceBus.TokenProvider.GetTokenAsyncResult..ctor(TokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state)
       at Microsoft.ServiceBus.TokenProvider.BeginGetToken(String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state)
       at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingToken(ITokenProvider tokenProvider, Uri baseAddress, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout)
       --- End of inner exception stack trace ---
       at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingToken(ITokenProvider tokenProvider, Uri baseAddress, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageCreator.GetAuthorizationToken(String appliesTo, String action)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageCreator.GetAuthorizationHeader(String action)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageCreator.CreateWcfMessageInternal(String action, Object body, Boolean includeToken)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageCreator.CreateWcfMessage(String action, Object body)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageSender.GetOverheadSize()
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageSender..ctor(String path, SbmpMessagingFactory messagingFactory, SbmpMessageCreator messageCreator, LinkInfo linkInfo)
       at Microsoft.ServiceBus.Messaging.Sbmp.CreateSenderLinkSettings..ctor(SbmpMessagingFactory messagingFactory, String entityName, Nullable`1 entityType, String transferDestinationEntityName)
       at Microsoft.ServiceBus.Messaging.Sbmp.CreateSenderLinkSettings..ctor(SbmpMessagingFactory messagingFactory, String entityName, Nullable`1 entityType)
       at Microsoft.ServiceBus.Messaging.Sbmp.SbmpTopicClient.OnBeginCreateSender(TimeSpan timeout, AsyncCallback callback, Object state)
       at Microsoft.ServiceBus.Messaging.TopicClient.<>c__DisplayClass2.b__0(AsyncCallback c, Object s)
       at Microsoft.ServiceBus.Messaging.OpenOnceManager.OpenOnceManagerAsyncResult`1.BeginOperation()
       at Microsoft.ServiceBus.Messaging.OpenOnceManager.OpenOnceManagerAsyncResult`1.OpenComplete(IAsyncResult result)
       at Microsoft.ServiceBus.Common.AsyncResult.SyncContinue(IAsyncResult result)
       at Microsoft.ServiceBus.Messaging.OpenOnceManager.OpenOnceManagerAsyncResult`1..ctor(OpenOnceManager openOnceManager, TimeSpan openTimeout, AsyncCallback callback, Object state, Func`3 beginOperation, EndOperation`1 endOperation)
       at Microsoft.ServiceBus.Messaging.OpenOnceManager.Begin[T](AsyncCallback callback, Object state, Func`3 beginOperation, Func`2 endOperation)
       at Microsoft.ServiceBus.Messaging.TopicClient.BeginCreateSender(TimeSpan timeout, AsyncCallback callback, Object state)
       at Microsoft.ServiceBus.Messaging.TopicClient.EnsureCreateInternalSender()
       at Microsoft.ServiceBus.Messaging.TopicClient.ThrowIfSenderNull(String operationName)
       at Microsoft.ServiceBus.Messaging.TopicClient.Send(BrokeredMessage message)
       at Console.Program.PostToTopic(Uri uri, String token) in c:\Poc City\AirConCloud\Console\Program.cs:line 56}

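At the end of the day, I will have many service identities, each needing access to the topic, with different access rights.

  1. Is the above approach correct, and am I just missing a small plumbing detail?
  2. Does this not work, and does it need to be redesigned?
  3. If 1, what is wrong; if 2, how should it be done?

Thanks in advance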

0 answers:

No answers
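Added example, not part of the original question and not code from the Service Bus SDK: a small C# inspector that decodes a SWT, lists its Issuer, Audience and ExpiresOn fields, and checks the HMACSHA256 signature, so the audience a token actually carries can be compared with the endpoint named in the T2002 error. The key, the expiry value and the token itself are constructed for the demonstration; the `SwtInspector` class and its method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class SwtInspector
{
    const string SigField = "&HMACSHA256=";
    static string Decode(string s) => Uri.UnescapeDataString(s.Replace('+', ' '));

    // An SWT is a form-encoded list of name=value pairs; HMACSHA256 is the last pair.
    public static Dictionary<string, string> Parse(string swt) =>
        swt.Split('&').Select(p => p.Split(new[] { '=' }, 2))
           .ToDictionary(kv => Decode(kv[0]), kv => kv.Length > 1 ? Decode(kv[1]) : "");

    static string Sign(string data, byte[] key) { using (var h = new HMACSHA256(key)) return Convert.ToBase64String(h.ComputeHash(Encoding.ASCII.GetBytes(data))); }

    // The HMAC covers every character of the token that precedes "&HMACSHA256=".
    public static bool SignatureValid(string swt, byte[] key)
    {
        int i = swt.LastIndexOf(SigField, StringComparison.Ordinal);
        if (i < 0) return false;
        string claimed = Decode(swt.Substring(i + SigField.Length));
        string expected = Sign(swt.Substring(0, i), key);
        int diff = claimed.Length ^ expected.Length;   // constant-time comparison
        for (int j = 0; j < claimed.Length && j < expected.Length; j++) diff |= claimed[j] ^ expected[j];
        return diff == 0;
    }

    static void Main()
    {
        // Constructed sample: the key and the token are built here, not issued by ACS.
        byte[] key = Encoding.ASCII.GetBytes("constructed-demo-key");
        string body = "net.windows.servicebus.action=Send"
            + "&Issuer=" + Uri.EscapeDataString("https://connectedcloudapps.accesscontrol.windows.net/")
            + "&Audience=" + Uri.EscapeDataString("https://connectedcloudapps.servicebus.windows.net/testtopic")
            + "&ExpiresOn=1365355438";
        string swt = body + SigField + Uri.EscapeDataString(Sign(body, key));
        var claims = Parse(swt);
        var expires = DateTimeOffset.FromUnixTimeSeconds(long.Parse(claims["ExpiresOn"]));
        Console.WriteLine("Issuer:    " + claims["Issuer"]);
        Console.WriteLine("Audience:  " + claims["Audience"]);
        Console.WriteLine("Expired:   " + (expires < DateTimeOffset.UtcNow));
        Console.WriteLine("Signature: " + SignatureValid(swt, key));
        Console.WriteLine("Tampered:  " + SignatureValid(swt.Replace("=Send&", "=Manage&"), key));
    }
}
```

Passing the `token` value from the question's first snippet to `Parse` shows which Issuer and Audience the retrieved SWT carries.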