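Can someone point me in the direction of an example of creating a SamlAssertion that includes an AudienceRestriction in the Conditions node?

Below is a sample of the code where I would like to put it: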

//Create the SAML Assertion
SamlAssertion samlAssert = new SamlAssertion();
samlAssert.AssertionId = Convert.ToBase64String(encoding.GetBytes(System.Guid.NewGuid().ToString()));
samlAssert.Issuer = "http://www.example.com/";

// Set up the conditions of the assertion - Not Before and Not After
samlAssert.Conditions = new SamlConditions(DateTime.Now, DateTime.Now.AddMinutes(5));

The desired XML looks like this:

<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="_e835eca079133299b2f8a2a63ad72fe8" IssueInstant="2007-02-07T20:22:58.165Z" Issuer="http://www.example.com/" MajorVersion="1" MinorVersion="1">
 <Conditions NotBefore="2007-02-07T20:22:58.162Z" NotOnOrAfter="2007-02-07T20:24:58.162Z">
  <AudienceRestrictionCondition>
   <Audience>http://www.example2.com</Audience> 
  </AudienceRestrictionCondition>
 </Conditions>

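I see that there is a constructor for the SamlConditions class that allows a third parameter, conditions, and that there is a SamlAudienceRestriction class, but I can't seem to figure out how to connect the two. I think that if I saw some code it would become painfully obvious to me, but unfortunately my google-fu is failing me today.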

1 Answer

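I swear I spent hours trying to figure this out before posting... but apparently posting was exactly what I needed to see the answer. Here is the code I used to create the audience restriction for SAML: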

//Create the SAML Assertion
SamlAssertion samlAssert = new SamlAssertion();
samlAssert.AssertionId = Convert
    .ToBase64String(
    encoding.GetBytes(System.Guid.NewGuid().ToString()));
samlAssert.Issuer = "http://www.example.com/";

// Set up the conditions of the assertion - Not Before and Not After
Uri[] approvedAudiences = {new Uri("http://www.example2.com")};
List<SamlCondition> conditions = new List<SamlCondition>();
conditions.Add(new SamlAudienceRestrictionCondition(approvedAudiences));
samlAssert.Conditions = new SamlConditions(
    DateTime.Now, 
    DateTime.Now.AddMinutes(5), 
    conditions
    );

If anyone sees anything wrong, or knows of a better/more efficient way, please let me know.

Answered 2009-08-28T21:19:15.910
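
The audience restriction only protects anything if the receiving side evaluates it. The following is an added example, not code from the question or the answer, showing how a relying party could check the conditions built above using the same System.IdentityModel.Tokens types. The names AudienceCheck, ConditionsHold, the 30-second clock skew and the http://www.example3.com URI are assumptions made for illustration.

```csharp
using System;
using System.IdentityModel.Tokens;
using System.Linq;

static class AudienceCheck
{
    // Hypothetical helper: true only if the validity window holds and every
    // audience restriction on the assertion names this relying party (self).
    public static bool ConditionsHold(SamlAssertion assertion, Uri self, DateTime utcNow, TimeSpan skew)
    {
        SamlConditions c = assertion.Conditions;
        if (c == null) return false; // assumption: this relying party requires conditions

        // NotBefore is inclusive, NotOnOrAfter is exclusive; compare in UTC.
        if (utcNow + skew < c.NotBefore.ToUniversalTime()) return false;
        if (utcNow - skew >= c.NotOnOrAfter.ToUniversalTime()) return false;

        bool audienceChecked = false;
        foreach (SamlCondition cond in c.Conditions)
        {
            if (cond is SamlDoNotCacheCondition) continue; // caching hint, not an access decision
            var restriction = cond as SamlAudienceRestrictionCondition;
            if (restriction == null) return false; // condition we cannot evaluate: reject
            // Within one restriction any listed audience may match; every restriction must match.
            if (!restriction.Audiences.Any(a => string.Equals(a.AbsoluteUri, self.AbsoluteUri, StringComparison.Ordinal)))
                return false;
            audienceChecked = true;
        }
        return audienceChecked; // assumption: an assertion with no audience restriction is refused
    }

    static void Main()
    {
        // Constructed sample mirroring the assertion built in the answer.
        var audiences = new[] { new Uri("http://www.example2.com") };
        var assertion = new SamlAssertion();
        assertion.Conditions = new SamlConditions(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(5),
            new SamlCondition[] { new SamlAudienceRestrictionCondition(audiences) });
        TimeSpan skew = TimeSpan.FromSeconds(30);

        // Intended audience inside the window, a different audience, and an expired assertion.
        Console.WriteLine(ConditionsHold(assertion, new Uri("http://www.example2.com"), DateTime.UtcNow, skew));
        Console.WriteLine(ConditionsHold(assertion, new Uri("http://www.example3.com"), DateTime.UtcNow, skew));
        Console.WriteLine(ConditionsHold(assertion, new Uri("http://www.example2.com"), DateTime.UtcNow.AddMinutes(10), skew));
    }
}
```

This check covers the conditions only; the assertion's signature and issuer still have to be verified before any of its contents are trusted.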