1
我有一個通過http調用服務(名爲MyService)的Web應用程序(名爲MyWebClient)。 MyService接受ADFS發出的令牌,並且它工作正常。我想從ADFS切換到MyCustomSTS(使用WIF 4.5)。我期望MyWebClient的代碼不會被改變,但我得到一個錯誤。從ADFS STS切換到自定義STS時序列化安全令牌出錯
代碼Ping通爲了MyService如下
var token = GetSecurityToken();
var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.Message, false);
var messageSecurity = serviceBinding.Security.Message;
messageSecurity.IssuedTokenType = TokenTypes.Saml11TokenProfile11;
messageSecurity.IssuerAddress = Constants.StsAddressX509;
messageSecurity.IssuedKeyType = SecurityKeyType.SymmetricKey;
messageSecurity.IssuerBinding = stsBinding;
var factory = new ChannelFactory<IMyService>(binding, new EndpointAddress("https://mylocalhost/MyService.svc"));
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
X509CertificateValidationMode.None;
factory.Credentials.ServiceCertificate.Authentication.RevocationMode =
X509RevocationMode.NoCheck;
var service = factory.CreateChannelWithIssuedToken(token);
var result = service.Ping();
我有(什麼樣子),從STS有效令牌。
然而,它拋出在調用平爲了MyService異常,如下所示:
There was an error serializing the security token. Please see the
inner exception for more details. Server stack trace: at
System.ServiceModel.Security.WSSecurityTokenSerializer.WriteTokenCore(XmlWriter
writer, SecurityToken token) at
System.ServiceModel.Security.SendSecurityHeader.OnWriteHeaderContents(XmlDictionaryWriter
writer, MessageVersion messageVersion) at
System.ServiceModel.Channels.MessageHeader.WriteHeader(XmlDictionaryWriter
writer, MessageVersion messageVersion) at
System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter
writer) at ...
各地的互聯網搜索後,我建議修改代碼位加
factory.Credentials.UseIdentityConfiguration = true;
它再次正常工作。
我在這裏的問題是爲什麼它沒有「UseIdentityConfiguration」就可以正常使用ADFS嗎?無論如何,修復它在MyCustomSTS但改變客戶端代碼?
原因是我有很多像MyWebClient這樣的客戶端應用程序,所以更改他們的代碼對我來說是個問題。
感謝您的所有幫助和答覆。我真的很感激它。