我们必须使用来自外部方的服务,因为BinarySecurityToken没有在SOAP消息中签名,所以我们遇到了问题。
我们发现了几个最终帮助我们的在线参考资料,这一切都归结为我们必须创建一个自定义绑定,我们阻止包含InitiatorToken和RecipientToken并添加一个新的EndpointSupportingToken:
bindingElement.InitiatorTokenParameters = new X509SecurityTokenParameters { InclusionMode = SecurityTokenInclusionMode.Never };
bindingElement.RecipientTokenParameters = new X509SecurityTokenParameters { InclusionMode = SecurityTokenInclusionMode.Never };
bindingElement.EndpointSupportingTokenParameters.Signed.Add(new X509SecurityTokenParameters());
以下是自定义绑定的配置:
<customBinding>
<binding name="SecuredSadmiBinding" sendTimeout="00:02:00" receiveTimeout="00:02:00">
<textMessageEncoding messageVersion="Soap11" writeEncoding="utf-8">
<readerQuotas maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxDepth="2147483647"
maxNameTableCharCount="2147483647"
maxStringContentLength="2147483647"/>
</textMessageEncoding>
<security authenticationMode="MutualCertificateDuplex"
enableUnsecuredResponse="true"
securityHeaderLayout="LaxTimestampLast"
messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12"
includeTimestamp="true"
defaultAlgorithmSuite="Basic128Rsa15"
messageProtectionOrder="SignBeforeEncrypt"
requireDerivedKeys="false"
requireSignatureConfirmation="false">
<localClientSettings timestampValidityDuration="00:01:00" />
<secureConversationBootstrap />
</security>
<httpsTransport maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647"
requireClientCertificate="false" />
</binding>
</customBinding>
我们的问题是,是否可以通过配置而不是代码将包含模式设置为从不用于InitiatorToken和RecipientToken。与EndpointSupportingToken相同的问题。