您可以在此处阅读有关被动声明的更多信息:
http://garymcallisteronline.blogspot.co.uk/2012/11/claims-explained.html
主动调用是对 WSActive 端点的直接调用(它们支持多种身份验证类型)。以下代码显示了使用用户名活动端点的主动调用。
private static GenericXmlSecurityToken GetToken(string username, string password, string url, string audienceUrl)
{
var factory = new WSTrustChannelFactory(new Microsoft.IdentityModel.Protocols.WSTrust.Bindings.UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential), new EndpointAddress(url));
factory.Credentials.UserName.UserName = username;
factory.Credentials.UserName.Password = password;
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
factory.TrustVersion = TrustVersion.WSTrust13;
WSTrustChannel channel = null;
var rst = new RequestSecurityToken
{
RequestType = WSTrust13Constants.RequestTypes.Issue,
AppliesTo = new EndpointAddress(audienceUrl),
KeyType = WSTrust13Constants.KeyTypes.Bearer,
};
channel = (WSTrustChannel)factory.CreateChannel();
return channel.Issue(rst) as GenericXmlSecurityToken;
}