Question

我开发了测试应用程序，其中我已经为ADFS身份验证添加了.asmx文件，在身份验证之后它将重定向到我原来已经开发的Web应用程序。公共代码如下所示

var stsEndpoint = ConfigurationManager.AppSettings["EndPoint"];
            var relayPartyUri = ConfigurationManager.AppSettings["RelayPartyUri"];
            EndpointAddress epoint = new EndpointAddress(stsEndpoint);
            using (var factory = new WSTrustChannelFactory(new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential), epoint) { TrustVersion = TrustVersion.WSTrust13 })
            {
                if (factory.Credentials != null)
                {
                    factory.Credentials.UserName.UserName = @"Domain\" + userName;
                    factory.Credentials.UserName.Password = password;
                }
                var rst = new RequestSecurityToken
                {
                    RequestType = WSTrust13Constants.RequestTypes.Issue,
                    AppliesTo = new EndpointReference(relayPartyUri),
                    KeyType = WSTrust13Constants.KeyTypes.Bearer
                };
                var channel = factory.CreateChannel();
                var token = channel.Issue(rst);
                var genericToken = token as GenericXmlSecurityToken;

行 var token = channel.Issue（rst）; 抛出错误

错误是ID3082：请求范围无效或不受支持

另外，我不确定我应该为RelyingPartyURI使用哪个URI

我用于ADFS身份验证的服务URL。或
我已开发的网络应用程序的网址

请帮忙。

Answer 1

relayPartyUri是您应用的唯一标识符。

使用Web服务在ADFS中进行身份验证

1 个答案: