我有一个自定义SecurityTokenHandler用于默认和ActAs令牌请求。问题是默认令牌处理程序是为默认和ActAs请求调用的。我应该怎么做才能将默认和ActAs令牌请求的处理程序分开?
我的SecurityTokenHandlers配置:
this.SecurityTokenHandlers.Clear();
this.SecurityTokenHandlers.Add(new EncryptedSecurityTokenHandler());
this.SecurityTokenHandlers.Add(new SamlSecurityTokenHandler());
this.SecurityTokenHandlers.Add(new CustomUserNameSecurityTokenHandler("default handler"));
SecurityTokenHandlerCollection securityTokenHandlers = new SecurityTokenHandlerCollection()
{
new EncryptedSecurityTokenHandler(),
new SamlSecurityTokenHandler(),
new CustomUserNameSecurityTokenHandler("actas handler")
};
SecurityTokenHandlerCollectionManager[SecurityTokenHandlerCollectionManager.Usage.ActAs] = securityTokenHandlers;
CustomUserNameSecurityTokenHandler如下:
public class CustomUserNameSecurityTokenHandler : UserNameSecurityTokenHandler
{
string handler;
public CustomUserNameSecurityTokenHandler(string handler) : base()
{
this.handler = handler;
}
...
WIF实例化两个类,但永远不会调用"actas handler"参数化处理程序,每次只调用"default handler"个。
这是一个示例RequestSecurityToken:
var rst = new RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = new EndpointReference(appliesTo.Uri.AbsoluteUri),
KeyType = KeyTypes.Bearer,
ActAs = new SecurityTokenElement(new UserNameSecurityToken("test", null))
};
我很感激任何帮助。