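我是 WCF Web 服务的新手。目前我正在使用联合绑定(SAML)开发联合 Web 服务,并参照了 MSDN 上的“SAML 令牌提供者”(SAML Token Provider)示例。问题是客户端无法调用该服务:调用时抛出“从另一方收到未进行安全处理或安全处理不正确的故障”(An unsecured or incorrectly secured fault was received from the other party),内部异常为“处理消息中的安全令牌时出错”(An error occurred when processing the security tokens in the message)。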
这是我在服务器端的 web.config 文件
<?xml version="1.0"?>
<configuration>
<system.web>
  <!-- debug="true" makes ASP.NET build debug binaries and stops enforcing request
       timeouts. It is acceptable while troubleshooting, but should be "false" on
       any deployed host. -->
  <compilation targetFramework="4.0" debug="true"/>
</system.web>
<system.serviceModel>
<bindings>
  <wsFederationHttpBinding>
    <!-- Binding1 is the binding the service endpoint in this file uses. It demands a
         SAML 1.1 issued token whose proof key is asymmetric. Because
         negotiateServiceCredential is "false", the client must already hold the
         service certificate (it is not negotiated on the wire). -->
    <binding name="Binding1">
      <security mode="Message">
        <message issuedKeyType="AsymmetricKey"
                 issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
                 negotiateServiceCredential="false"/>
      </security>
    </binding>
    <!-- Binding2 sets no issuedKeyType, so the WCF default (SymmetricKey) applies.
         The note that used to sit here described it as the asymmetric-proof-key
         binding, which matches Binding1 rather than this one. No endpoint shown in
         this file refers to Binding2. -->
    <binding name="Binding2">
      <security mode="Message">
        <message issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
                 negotiateServiceCredential="false"/>
      </security>
    </binding>
  </wsFederationHttpBinding>
</bindings>
<services>
  <!-- Earlier, disabled service definitions (basicHttpBinding and wsHttpBinding) kept for reference. -->
  <!--<service name="MobileInterfaceWCFService.MobileService" behaviorConfiguration="MobileInterfacebehavior">
    <endpoint address="" binding="basicHttpBinding" bindingConfiguration="basic_http" contract="MobileInterfaceWCFService.IMobileInterface" />
  </service>
  <service name ="MobileInterfaceWCFService.MobileService" behaviorConfiguration="MobileInterfaceWCFService.Service1Behavior">
    <endpoint address="" binding="wsHttpBinding" contract="MobileInterfaceWCFService.IMobileInterface" bindingName="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService" bindingConfiguration="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
  </service> -->

  <!-- Active definition: the service is exposed through wsFederationHttpBinding
       (Binding1) and picks up its credentials from SamlTokenBehavior. -->
  <service name="MobileInterfaceWCFService.MobileService"
           behaviorConfiguration="MobileInterfaceWCFService.SamlTokenBehavior">
    <endpoint address=""
              binding="wsFederationHttpBinding"
              bindingConfiguration="Binding1"
              bindingName="Binding1"
              contract="MobileInterfaceWCFService.IMobileInterface">
      <!-- The DNS identity published for this endpoint is "localhost"; the service
           certificate configured in SamlTokenBehavior is also looked up by the
           subject name "localhost". -->
      <identity>
        <dns value="localhost"/>
      </identity>
    </endpoint>
  </service>
</services>
<client>
  <!-- Outbound endpoint this service uses to call MobileSharedWebService.
       NOTE(review): it names a wsHttpBinding configuration, but the bindings section
       shown in this file defines only wsFederationHttpBinding entries; confirm the
       wsHttpBinding configuration exists elsewhere before this endpoint is used. -->
  <endpoint name="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService"
            address="http://host-root/MobileSharedWebService/MobileSharedWebService.svc"
            binding="wsHttpBinding"
            bindingConfiguration="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService"
            contract="ServiceReference1.ITMMobileSharedWebService">
    <identity>
      <dns value="localhost"/>
    </identity>
  </endpoint>
</client>
<behaviors>
  <serviceBehaviors>
    <!-- Empty behavior; metadata publishing is left disabled. -->
    <behavior name="MobileInterfacebehavior">
      <!--<serviceMetadata httpGetEnabled="true" />-->
    </behavior>

    <behavior name="MobileInterfaceWCFService.Service1Behavior">
      <!-- To avoid disclosing metadata, keep the element below disabled (or set it to
           false) and remove any metadata endpoint before deployment. -->
      <!-- <serviceMetadata httpGetEnabled="true"/> -->
      <!-- Exception details in faults help while debugging; keep this false on a
           deployed service so internal exception information is not disclosed. -->
      <serviceDebug includeExceptionDetailInFaults="false"/>
    </behavior>

    <!-- Behavior used by the active SAML-secured service. -->
    <behavior name="MobileInterfaceWCFService.SamlTokenBehavior">
      <!-- Metadata (WSDL) is served over plain HTTP GET here. The deployment advice
           given for Service1Behavior applies to this element as well. -->
      <serviceMetadata httpGetEnabled="true"/>
      <!--
        serviceCredentials defines the service certificate, which the client uses to
        authenticate the service and to protect messages. This configuration
        references the "localhost" certificate installed by the sample's setup steps.
      -->
      <serviceCredentials>
        <!-- Set allowUntrustedRsaIssuers to true to allow self-signed, asymmetric key
             based SAML tokens.
             NOTE(review): the value below is false while Binding1 asks for
             AsymmetricKey proof keys. With false, a SAML token signed only with a
             bare RSA key is rejected; the issuer has to be identified by an X.509
             certificate the service trusts. If the client self-issues its token,
             this is a candidate cause of a token-processing fault; confirm against
             the service trace. Outside a test setup, prefer signing tokens with the
             trusted issuer certificate over switching this to true. -->
        <issuedTokenAuthentication allowUntrustedRsaIssuers="false">
          <!-- Add Alice to the list of certs trusted to issue SAML tokens.
               FindBySubjectName matches on part of the subject name, so more than
               one certificate in the store can satisfy it; FindByThumbprint pins
               exactly one certificate. -->
          <knownCertificates>
            <add storeLocation="LocalMachine"
                 storeName="TrustedPeople"
                 x509FindType="FindBySubjectName"
                 findValue="Alice"/>
          </knownCertificates>
        </issuedTokenAuthentication>
        <!-- Service certificate. The same subject-name matching caveat applies; the
             hosting account also needs read access to this certificate's private key. -->
        <serviceCertificate storeLocation="LocalMachine"
                            storeName="My"
                            x509FindType="FindBySubjectName"
                            findValue="localhost"/>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
<system.webServer>
  <modules runAllManagedModulesForAllRequests="true"/>
  <handlers accessPolicy="Read, Script"/>
  <!-- Both anonymous and Windows authentication are switched on at the IIS level.
       Callers of the WCF endpoint are authenticated by the SAML token inside the
       message, so IIS must let the request through anonymously.
       NOTE(review): confirm Windows authentication is needed on this application. -->
  <security>
    <authentication>
      <anonymousAuthentication enabled="true"/>
      <windowsAuthentication enabled="true"/>
    </authentication>
  </security>
  <!-- enableParentPaths="true" lets classic ASP pages use ".." in include and MapPath
       paths; IIS ships with it off. Only classic ASP reads this setting; if the site
       hosts just the WCF service it can presumably be removed (confirm). -->
  <asp enableParentPaths="true"/>
</system.webServer>
<system.diagnostics>
  <!-- WCF service-side tracing. The security fault returned to the client is generic
       by design; the underlying exception is normally recorded in this trace on the
       service, which is the place to look when token processing fails.
       Trace files can hold endpoint, identity and token-related detail: restrict
       access to c:\log to administrators and the hosting account, and lower
       switchValue once troubleshooting is finished. -->
  <sources>
    <source name="System.ServiceModel"
            propagateActivity="true"
            switchValue="Information, ActivityTracing">
      <listeners>
        <add name="traceListener"
             type="System.Diagnostics.XmlWriterTraceListener"
             initializeData="c:\log\Traces.svclog"/>
      </listeners>
    </source>
  </sources>
</system.diagnostics>
</configuration>
这是我在消费者端的配置文件
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
  <bindings>
    <wsFederationHttpBinding>
      <!-- Client-side counterpart of the service's Binding1: SAML 1.1 issued token,
           asymmetric proof key, no service credential negotiation. -->
      <binding name="Binding1_IMobileInterface">
        <security mode="Message">
          <message negotiateServiceCredential="false"
                   issuedKeyType="AsymmetricKey"
                   issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"/>
        </security>
      </binding>
    </wsFederationHttpBinding>
  </bindings>
  <client>
    <!-- NOTE(review): with negotiateServiceCredential="false" the client needs the
         service certificate out of band. No endpoint behavior with clientCredentials
         is shown in this file, so presumably the certificate and the SAML token
         provider are set up in code; confirm. -->
    <endpoint name="Binding1_IMobileInterface"
              address="http://localhost/WCF_MobileInterface/MobileService.svc"
              binding="wsFederationHttpBinding"
              bindingConfiguration="Binding1_IMobileInterface"
              contract="ServiceReference1.IMobileInterface">
      <!-- Expected service identity; it is checked against the service certificate. -->
      <identity>
        <dns value="localhost"/>
      </identity>
    </endpoint>
  </client>
</system.serviceModel>
</configuration>
注意:我已经尝试了所有与 stackoverflow 和 google 上相同类型的错误/问题相关的解决方案,但无法解决问题
任何快速帮助将不胜感激
提前致谢