我从WCF客户端收到以下错误。 “未指定安全令牌颁发者的地址。必须在目标'http://site.com/TLAPI.svc'的绑定中指定显式颁发者地址,或者必须在凭据中配置本地颁发者地址。”
我正在尝试连接到SharePoint Service应用程序。我添加了生成下面的客户端类的服务引用。这是我到目前为止的代码:
TipAndLeadAPIContractClient client = new TipAndLeadAPIContractClient(@"CustomBinding_ITipAndLeadAPIContract", @"http://site.com/TLAPI.svc");
client.ChannelFactory.Credentials.SupportInteractive = false;
client.ClientCredentials.UserName.UserName = "user";
client.ClientCredentials.UserName.Password = "password";
client.ConvertToTLForm(@"C:\Clients\ServiceApplication\CAP\capsample1.xml", "tl_library", "http://site/");
这是我的客户端绑定配置:
<binding name="CustomBinding_ITipAndLeadAPIContract">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedToken"
requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="true"
keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
requireSignatureConfirmation="false">
<issuedTokenParameters keyType="SymmetricKey" tokenType="" />
<localClientSettings cacheCookies="true" detectReplays="true"
replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<binaryMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
maxSessionSize="2048">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</binaryMessageEncoding>
<httpTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" />
</binding>
这是我的服务应用程序绑定配置:
<binding name="CalcServiceHttpBinding">
<security authenticationMode="IssuedToken" allowInsecureTransport="true" />
<binaryMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</binaryMessageEncoding>
<httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Ntlm" useDefaultWebProxy="false" />
</binding>
提前致谢。
答案 0 :(得分:4)
使用IssuedToken凭据类型设置绑定:
<issuedTokenParameters keyType="SymmetricKey" tokenType="" />
首先,我不确定您的tokenType属性为何空白。这应该设置为将要协商的令牌类型,例如SAML令牌,例如tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"。
下一个节点有一个名为<issuer>的子节点,它允许您指定客户端用于协商令牌的安全令牌服务器(STS)的地址。您获得的例外情况是告诉您具体未配置。 <issuer>元素可能如下所示。
<issuer address="https://someserver/SomeSTS" binding="<some binding type>" bindingConfiguration="<some binding configuration for the STS>" />
除了地址之外,您还需要指定应该与您可能需要与STS交谈的任何自定义配置一起使用的绑定类型。