我試圖將安全令牌從客戶端應用程序傳遞到WCF服務進行身份驗證。爲什麼傳入聯合安全令牌時此WCF調用失敗
對於這個例子,我只是使用標準的文件,新的WCF應用程序項目,並試圖調用GetData方法。
我在客戶端上以下異常
{「的消息無法處理。這是最有可能的,因爲 行動‘http://tempuri.org/IService1/GetData’不正確,或因爲 消息包含無效或過期安全上下文令牌或 ,因爲綁定之間不匹配如果服務由於 處於非活動狀態而導致服務中止通道,則安全上下文 將無效爲防止服務中止空閒會話 過早地增加服務端點上的接收超時 結合。「}
如果我啓用的WCF服務,我可以看到下面的錯誤
有沒有通道,可以用行動 ‘http://tempuri.org/IService1/GetData’接受郵件跟蹤。
爲我服務的Web.config看起來像這樣
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<!--Configure STS-->
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="https://stsserver.security.int/myApp" />
</audienceUris>
<issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089">
<trustedIssuers>
<add thumbprint="3c8fc34bd483b07ba0d1509827fc4788c36247e4" name="StartSSL Login" />
</trustedIssuers>
</issuerNameRegistry>
<certificateValidation certificateValidationMode="None"/>
</identityConfiguration>
</system.identityModel>
<system.serviceModel>
<bindings>
<ws2007FederationHttpBinding>
<binding name ="IdentityServer">
<security mode="TransportWithMessageCredential">
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<services>
<service name="Services.Service1" behaviorConfiguration="CertificateBehavior">
<endpoint name="ws" binding="ws2007FederationHttpBinding" bindingConfiguration="IdentityServer" contract="Services.IService1" address=""/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CertificateBehavior">
<serviceCredentials>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
在我的客戶端應用程序的方法調用該WCF服務看起來像這樣
static void CallSecuredService(SecurityToken samlToken)
{
var binding = new WS2007FederationHttpBinding((WSFederationHttpSecurityMode.TransportWithMessageCredential));
binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey;
binding.Security.Message.EstablishSecurityContext = false;
var factory = new ChannelFactory<IService1>(binding, new EndpointAddress("https://localhost/myservice/Service1.svc"));
factory.Credentials.SupportInteractive = false;
factory.Credentials.UseIdentityConfiguration = true;
var proxy = factory.CreateChannelWithIssuedToken(samlToken);
Console.WriteLine(proxy.GetData(1));
}
任何指針,以我的事應該檢查會很好,因爲我現在在這一點上有點不知所措。我不知道我怎麼能進一步調試呢?