In my application, I previously generated a SAML V1.1 token from a Windows application and passed that token to a WCF SOAP service.
Passing the token from the WCF client:
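Protected Overrides Function CreateChannel() As ITestService
    ' Build a channel factory for the endpoint configured on this client.
    Dim factory As ChannelFactory(Of ITestService)
    factory = New ChannelFactory(Of ITestService)(Me.Endpoint)
    ' Use the <system.identityModel> (WIF) configuration for credentials.
    factory.Credentials.UseIdentityConfiguration = True
    ' securityToken is the SAML V1.1 token obtained earlier (declared outside this snippet).
    Dim channel = factory.CreateChannelWithIssuedToken(securityToken)
    Return channel
End Function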
Configuration and bindings in WCF:
<service name="TestService" behaviorConfiguration="serviceBehavior">
  <endpoint address="" binding="ws2007FederationHttpBinding" bindingConfiguration="ws2007FederationHttpBinding_ITestService" contract="ITestService" />
</service>
<bindings>
  <ws2007FederationHttpBinding>
    <binding name="ws2007FederationHttpBinding_ITestService" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:01:00" sendTimeout="00:01:00">
      <readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
      <security mode="TransportWithMessageCredential">
        <message issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" issuedKeyType="BearerKey" negotiateServiceCredential="false" establishSecurityContext="false" />
      </security>
    </binding>
  </ws2007FederationHttpBinding>
</bindings>
<system.identityModel>
  <identityConfiguration>
    <audienceUris>
      <add value="https://dev.develop.test.com/" />
    </audienceUris>
    <certificateValidation certificateValidationMode="None" />
    <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <trustedIssuers>
        <add thumbprint="6B68FAF000495A8A71A7983933DA77CF4235572A" name="https://test-acs.accesscontrol.windows.net/" />
      </trustedIssuers>
    </issuerNameRegistry>
  </identityConfiguration>
</system.identityModel>
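The problem now is that we want to migrate the token service from SAML to JWT (Okta), so what changes do I need to make in the client and in the WCF service to make it work?
Thanks in advance!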