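I have already tried asking this question about WCF but got no answers, so I am trying again with a more focused question.
Can anyone tell me how to create a custom binding for a WCF client:
Update
Not sure whether it makes a difference, but I am using .NET 4
Another update
If anyone has any specific examples, that would be great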
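Answer 0 (score: 4)
I think I can give some pointers. You will have to use WIF to get this working. The username token you want to pass is a signed SAML token. To generate the SAML token, there is an STS sample project with the WCF samples that you can use. Your code should look like this: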
// WIF extension methods ConfigureChannelFactory / CreateChannelWithIssuedToken
using Microsoft.IdentityModel.Protocols.WSTrust;

// This class will use the STS WCF sample to generate the signed SAML token
var tm = new TokenManager();
var samlToken = tm.GetSamlToken(Username);
var cf2 = new ChannelFactory<IPingService>("WcfSamlOverMutualSsl");
// Client certificate for the mutual SSL transport
cf2.Credentials.ClientCertificate.Certificate = clientCert;
cf2.ConfigureChannelFactory();
cf2.Open();
// This code will attach the SAML token to the WCF service call.
var proxy2 = cf2.CreateChannelWithIssuedToken(samlToken);
var response = proxy2.Ping();
The config should look something like this:
<customBinding>
<binding name="SamlOverMutualSsl">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="false"
keyEntropyMode="CombinedEntropy" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
<issuedTokenParameters keyType="BearerKey" tokenType="">
<additionalRequestParameters>
<trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
</trust:SecondaryParameters>
</additionalRequestParameters>
</issuedTokenParameters>
<localClientSettings cacheCookies="true" detectReplays="false"
replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="false" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="true" />
</binding>
</customBinding>
Endpoint:
<endpoint address="https://localhost/Ping/saml"
binding="customBinding" bindingConfiguration="SamlOverMutualSsl"
contract="SharedContracts.IPingService" name="WcfSamlOverMutualSsl" />
Please add a reference to Microsoft.IdentityModel from WIF.
Hope this helps.
rauts
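The same SamlOverMutualSsl binding can also be built in code instead of configuration. This is an added example, not part of the original answer: the class and method names are hypothetical, only the main settings from the config above are mirrored, and the `additionalRequestParameters` block and the remaining quotas are left at their defaults.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.Text;
using Microsoft.IdentityModel.Protocols.WSTrust; // WIF: ConfigureChannelFactory()

static class SamlOverMutualSslBinding // hypothetical helper, not from the answer
{
    public static CustomBinding Create()
    {
        // Bearer key: nothing in the message proves possession of the SAML token,
        // so its protection rests on the mutually authenticated TLS channel.
        var issued = new IssuedSecurityTokenParameters { KeyType = SecurityKeyType.BearerKey };

        // Code equivalent of authenticationMode="IssuedTokenOverTransport".
        var security = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(issued);
        security.MessageSecurityVersion = MessageSecurityVersion
            .WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
        security.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
        security.IncludeTimestamp = false;                   // as in the config above
        security.LocalClientSettings.DetectReplays = false;  // as in the config above
        security.LocalClientSettings.MaxClockSkew = TimeSpan.FromMinutes(5);

        var encoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);

        var transport = new HttpsTransportBindingElement
        {
            RequireClientCertificate = true, // the "mutual SSL" half of the binding
            MaxReceivedMessageSize = 65536,
            MaxBufferSize = 65536
        };

        // Element order matters: security, then encoding, with the transport last.
        return new CustomBinding(security, encoding, transport);
    }

    public static ChannelFactory<TContract> CreateFactory<TContract>(
        Uri address, X509Certificate2 clientCert)
    {
        var factory = new ChannelFactory<TContract>(Create(), new EndpointAddress(address));
        factory.Credentials.ClientCertificate.Certificate = clientCert;
        factory.ConfigureChannelFactory(); // enables CreateChannelWithIssuedToken(samlToken)
        return factory;
    }
}
```

The returned factory is used exactly as `cf2` is in the answer: call `Open()`, then `CreateChannelWithIssuedToken(samlToken)`.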