2

我有一个使用 WSE 3 Web 服务 + STS 的 WSE 3 客户端:

var stsService = new SecurityTokenServiceClient("https://stsurl");

var securityToken = stsService.requestSecurityToken("login", "password");

var st = new SecurityContextToken(securityToken);
transferObject.RequestSoapContext.Security.Tokens.Add(st);

所以安全令牌只是添加到 Token 的集合中,我们可以通过 transferObject 调用服务。

但现在我需要使用 WCF 实现一个类似的客户端。这是我遇到的不幸导致验证错误的代码:

var binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);

var client = new GeneratedClient(binding, new EndpointAddress("https://serviceurl"));

client.ClientCredentials.IssuedToken.LocalIssuerBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
client.ClientCredentials.IssuedToken.LocalIssuerAddress = new EndpointAddress("https://stsurl");
client.ClientCredentials.UserName.UserName = "login";
client.ClientCredentials.UserName.Password = "password";

client.ChannelFactory.ConfigureChannelFactory();

var channel = client.ChannelFactory.CreateChannel();
var requestWrap = new Services.SomeMethodRequest();
requestWrap.ListShipments = request;
var response = channel.SomeMethod(requestWrap);

通过 WCF 使用 STS 身份验证是否正确?

4

1 回答 1

0

这应该让你走上正确的轨道

     EndpointAddress endpointAddress = new EndpointAddress( OtherSTSAddress );
     UserNameWSTrustBinding binding = 
        new UserNameWSTrustBinding( SecurityMode.TransportWithMessageCredential );

     WSTrustChannelFactory factory = new WSTrustChannelFactory( binding, endpointAddress );
     factory.Credentials.UserName.UserName = UserName;
     factory.Credentials.UserName.Password = Password;
     factory.TrustVersion = System.ServiceModel.Security.TrustVersion.WSTrustFeb2005;

     WSTrustChannel channel = (WSTrustChannel)factory.CreateChannel();

     RequestSecurityToken rst = new RequestSecurityToken(
         WSTrustFeb2005Constants.RequestTypes.Issue,
         WSTrustFeb2005Constants.KeyTypes.Bearer );
     rst.AppliesTo = new EndpointAddress( YourStsAddress );

     SecurityToken token = channel.Issue( rst );
于 2013-06-23T19:39:45.620 回答