下面是我用来从Adfs请求“Symmetric”令牌类型的代码,我收到标题中提到的错误。
快速谷歌搜索指出,这是因为没有令牌签名证书,但我确实在Adfs中定义了它。
我是否需要明确地将其分配给“依赖方”或在ADFS 2.0中使用它? 任何人都可以指向正确的方向,或者有人知道如果需要,可以将令牌签名证书与依赖方联系起来吗?
WS2007HttpBinding binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Message.EstablishSecurityContext = false;
binding.BypassProxyOnLocal = true;
binding.UseDefaultWebProxy = true;
System.ServiceModel.Security.WSTrustChannelFactory factory = new System.ServiceModel.Security.WSTrustChannelFactory(
binding, new EndpointAddress(userNameMixedRequest.GetUserNameMixedUrl));
factory.TrustVersion = TrustVersion.WSTrust13;
factory.Credentials.SupportInteractive = false;
factory.Credentials.UserName.UserName = "domain\username"
factory.Credentials.UserName.Password = "password"
System.IdentityModel.Protocols.WSTrust.RequestSecurityToken request = new System.IdentityModel.Protocols.WSTrust.RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = new EndpointReference(userNameMixedRequest.ClientUri),
KeyType = KeyTypes.Symmetric
};
System.ServiceModel.Security.IWSTrustChannelContract channel = factory.CreateChannel();
channel.Issue(request)