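How to change the SecureConversationVersion property in the SessionSecurityToken class

Time: 2014-06-02 12:39:45

Tags: c# wcf

I am trying to configure a Security Token Service using WCF so that it creates tokens (SessionSecurityToken) using the WSSecureConversationFebruary2005 namespace. The SessionSecurityToken class has a SecureConversationVersion property, which in theory could be set to the value I want. Unfortunately, it does not have that value by default, and I don't see a way to change it. After analyzing the source code, I noticed that there is a constructor that can change this value, but it is internal.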

http://msdn.microsoft.com/pl-pl/library/system.identitymodel.tokens.sessionsecuritytoken.secureconversationversion%28v=vs.110%29.aspx

The code I use to host the STS is as follows:

                BindingElementCollection bindings = new BindingElementCollection();
                SecurityBindingElement security = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
                security.AllowInsecureTransport = true;
                security.EnableUnsecuredResponse = true;
                security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
                bindings.Add(security);

                TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement();
                bindings.Add(textMessageEncoding);
                textMessageEncoding.MessageVersion = MessageVersion.Soap11WSAddressingAugust2004;

                HttpTransportBindingElement httpsTransport = new HttpTransportBindingElement();
                bindings.Add(httpsTransport);
                var myBinding = new CustomBinding(bindings);

                var host = new WSTrustServiceHost(Configuration, new Uri(BaseAddress));
                host.AddServiceEndpoint(
                    typeof(IWSTrustFeb2005SyncContract),
                    myBinding,
                    STS_ADDRESS);

A sample response looks like this:

<t:RequestedSecurityToken>
<SecurityContextToken d6p1:Id="_6d497e66-9851-4b74-bf6d-e5f46c652837-35820CA1B23B6109FC1DC2F6A0D3ACC3" 
xmlns:d6p1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
xmlns="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">
<Identifier>urn:uuid:b067f4fc-0adc-4e78-98a5-449c6b58c234</Identifier>
<Cookie xmlns="http://schemas.microsoft.com/ws/2006/05/security"></Cookie>
</SecurityContextToken>
</t:RequestedSecurityToken>

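But instead of docs.oasis-open.org/ws-sx/ws-secureconversation/200512 I want schemas.xmlsoap.org/ws/2005/02/sc

1 answer:

Answer 0: (score: 1)

In the end, I achieved my goal by creating a custom token handler that overrides the WriteToken method. The implementation is a slightly modified version of the base class's, as shown below: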

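using System;
using System.IdentityModel.Tokens;
using System.Xml;

public class MyTokenHandler : SessionSecurityTokenHandler
{
    public override void WriteToken(XmlWriter writer, SecurityToken token)
    {
        if (writer == null)
        {
            throw new ArgumentNullException("writer");
        }

        // Reject anything that is not a session token instead of failing later with a NullReferenceException.
        SessionSecurityToken sessionSecurityToken = token as SessionSecurityToken;
        if (sessionSecurityToken == null)
        {
            throw new ArgumentException("Expected a SessionSecurityToken.", "token");
        }

        // Only the context identifier is written below; no cookie element is emitted.
        sessionSecurityToken.IsReferenceMode = true;

        // WS-SecureConversation February 2005 namespace instead of the default 200512 one.
        string ns = "http://schemas.xmlsoap.org/ws/2005/02/sc";
        string localName = "SecurityContextToken";
        string localName2 = "Identifier";

        // Reuse the caller's writer when it is already a dictionary writer; otherwise wrap it.
        XmlDictionaryWriter xmlDictionaryWriter = writer as XmlDictionaryWriter
            ?? XmlDictionaryWriter.CreateDictionaryWriter(writer);

        xmlDictionaryWriter.WriteStartElement(localName, ns);
        xmlDictionaryWriter.WriteElementString(localName2, ns, sessionSecurityToken.ContextId.ToString());
        xmlDictionaryWriter.WriteEndElement();
        xmlDictionaryWriter.Flush();
    }
}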

This is probably not the most elegant solution, but I couldn't find a better one.
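
Separately from the namespace question: the hosting binding in the question carries UserName credentials over plain HTTP (AllowInsecureTransport = true together with HttpTransportBindingElement). The following is an added example, not code from the question or the answer, showing the same binding over HTTPS plus a startup guard. The names StsBindingFactory, CreateUserNameOverHttpsBinding and EnsureCredentialsAreProtected are hypothetical, and it assumes TLS terminates at the service itself rather than at a front-end proxy.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;

// Added example: hypothetical helper, not part of the original post.
public static class StsBindingFactory
{
    // Same security and message versions as the question's binding, but the
    // UserName token only ever travels inside a TLS-protected channel.
    public static CustomBinding CreateUserNameOverHttpsBinding()
    {
        SecurityBindingElement security =
            SecurityBindingElement.CreateUserNameOverTransportBindingElement();
        // AllowInsecureTransport and EnableUnsecuredResponse are left at their
        // default value (false) instead of being switched on.
        security.MessageSecurityVersion = MessageSecurityVersion
            .WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;

        var encoding = new TextMessageEncodingBindingElement
        {
            MessageVersion = MessageVersion.Soap11WSAddressingAugust2004
        };

        // Elements are passed in top-down channel stack order.
        return new CustomBinding(security, encoding, new HttpsTransportBindingElement());
    }

    // Call before host.AddServiceEndpoint(...): fails fast if a binding would
    // expose credentials, for example after a debugging change was left in place.
    public static void EnsureCredentialsAreProtected(Binding binding)
    {
        if (binding == null) throw new ArgumentNullException("binding");

        SecurityBindingElement security =
            binding.CreateBindingElements().Find<SecurityBindingElement>();
        if (security != null && security.AllowInsecureTransport)
        {
            throw new InvalidOperationException(
                "AllowInsecureTransport is enabled on the security binding element.");
        }

        if (!string.Equals(binding.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase))
        {
            throw new InvalidOperationException(
                "Binding scheme is '" + binding.Scheme + "', expected https.");
        }
    }
}
```

With this in place, the base address passed to WSTrustServiceHost must use the https scheme and the host needs a server certificate bound to that port.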