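Getting claims for a service using Windows auth/authentication

Time: 2015-01-13 12:49:36

Tags: wcf security wshttpbinding

I have the following code, which uses a username & password. How can I use Windows credentials instead?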

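    using System;
    using System.IdentityModel.Protocols.WSTrust;   // RequestSecurityToken, RequestTypes, KeyTypes, EndpointReference
    using System.IdentityModel.Tokens;               // SecurityToken
    using System.ServiceModel;                       // WS2007HttpBinding, EndpointAddress, SecurityMode
    using System.ServiceModel.Channels;              // IChannel
    using System.ServiceModel.Security;              // WSTrustChannelFactory, WSTrustChannel, TrustVersion

    // GetStsUrl and KerberosWSTrustBinding are defined elsewhere (not shown in the post).
    private static SecurityToken GetClaims(string serviceurl, string username, string password)
    {
        // No username supplied: request the token as the current Windows user.
        bool isincurrentusercontext = String.IsNullOrEmpty(username);

        WS2007HttpBinding binding = new WS2007HttpBinding();
        binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
        binding.Security.Message.EstablishSecurityContext = false;

        EndpointAddress endpoint = new EndpointAddress(new Uri(GetStsUrl(isincurrentusercontext)));
        WSTrustChannelFactory trustChannelFactory;

        if (!isincurrentusercontext)
        {
            // Username/password sent as a message credential over the TLS transport.
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
            binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
            trustChannelFactory = new WSTrustChannelFactory(binding, endpoint);
            trustChannelFactory.Credentials.UserName.UserName = username;
            trustChannelFactory.Credentials.UserName.Password = password;
        }
        else
        {
            // Current user context: Kerberos binding against the STS endpoint.
            trustChannelFactory = new WSTrustChannelFactory(new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential), endpoint);
        }

        trustChannelFactory.TrustVersion = TrustVersion.WSTrust13;
        trustChannelFactory.Credentials.UseIdentityConfiguration = true;

        WSTrustChannel channel = null;

        // Ask the STS to issue a bearer token scoped to the target service.
        RequestSecurityToken rst = new RequestSecurityToken(RequestTypes.Issue);
        rst.AppliesTo = new EndpointReference(serviceurl);
        rst.KeyType = KeyTypes.Bearer;

        channel = (WSTrustChannel)trustChannelFactory.CreateChannel();
        SecurityToken token = channel.Issue(rst);
        ((IChannel)channel).Close();
        channel = null;

        trustChannelFactory.Close();
        trustChannelFactory = null;

        return token;
    }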

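If I change

    binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

to

    binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

and remove these two statements,

    trustChannelFactory.Credentials.UserName.UserName = username;
    trustChannelFactory.Credentials.UserName.Password = password;

then when I run this statement,

    SecurityToken token = channel.Issue(rst);

I get the following error:

Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint.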

0 answers:

No answers