我有一个以编程方式公开WsFederationHttpBinding端点的WCF服务。我想使用Visual Studio使用服务引用对话框创建客户端端点。客户端生成正确的端点和绑定,但我必须在STS的客户端配置中手动创建绑定,并将其连接到联合服务绑定的issuer元素。有没有办法创建服务器端绑定,以便在客户端上自动生成STS绑定?
这基本上就是我在代码中生成绑定的方式:
public class MyServiceHost : ServiceHostFactory
{
protected override void AddServiceEndpoint(ServiceHost host, Type contract, Uri address)
{
var binding = new WSFederationHttpBinding();
// set up some binding properties here
binding.Security = new WSFederationHttpSecurity
{
Mode = WSFederationHttpSecurityMode.Message,
Message = new FederatedMessageSecurityOverHttp
{
AlgorithmSuite = SecurityAlgorithmSuite.Default,
EstablishSecurityContext = true,
IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1",
NegotiateServiceCredential = false,
IssuerAddress = new EndpointAddress(
new Uri("http://mydomain/STSService.svc"),
EndpointIdentity.CreateSpnIdentity("http/IDENTITYMASKED")),
IssuerBinding = new WSHttpBinding
{
Name = "stsBinding",
Security = new WSHttpSecurity
{
Mode = SecurityMode.Message,
Message = new NonDualMessageSecurityOverHttp
{
ClientCredentialType = MessageCredentialType.Windows,
NegotiateServiceCredential = true,
AlgorithmSuite = SecurityAlgorithmSuite.Default,
EstablishSecurityContext = false
}
}
}
}
};
host.AddServiceEndpoint(contract, binding, address);
}
}
当我在Visual Studio中为此生成代理时,stsBinding不在配置中或连接起来,有没有办法让这种情况发生或者MEX不允许它?
答案 0 :(得分:0)
不确定它是否会有用,因为我自己的服务还没有运行,但是我的(当前未经测试的)代码设置了FederatedMessageSecurityOverHttp元素的IssuerMetadataAddress,这也应该是客户端向导生成该绑定的原因。