2012-07-10 67 views

我希望有人能幫助我。我怎樣才能通過 TCP 實現聯合驗證(federation)?我使用 ADFS 作爲我的 STS。我的 WCF 服務(依賴方)通過 net.tcp 綁定公開它的端點,而 STS 則通過 wsHttp 端點訪問。我該如何做到這一點?有什麼建議嗎?

TCP Federation 和 ADFS

謝謝

回答


我從來沒有這樣做過,但根據我讀到的資料:

檢查該端點在 ADFS 中是否已啓用。

然後將tcp添加到ADFS IIS站點的「啓用的協議」。

參考Enabling net.tcp


非常感謝您的回覆。我也寫了自定義綁定。 – 2012-07-11 12:30:19


我只是想知道我這樣做是否正確。我創建了一個自定義綁定,這是服務器端的配置。

<!--
  STS binding: the ws2007HttpBinding configuration that the federation binding's
  issuer element selects through bindingConfiguration="STSBinding".
-->
<ws2007HttpBinding>
  <binding name="STSBinding">
    <!-- The channel is protected by the transport (HTTPS); the client
         credential is carried at message level. -->
    <security mode="TransportWithMessageCredential">
      <!-- NOTE(review): in this mode the client credential is taken from the
           message element below; confirm whether the transport-level
           clientCredentialType has any effect here. -->
      <transport clientCredentialType="Windows">
        <!-- Extended Protection for Authentication (channel binding) is not
             enforced. It is the mitigation against relaying of Windows
             credentials; NOTE(review): confirm whether the STS endpoint
             supports it before leaving it at "Never". -->
        <extendedProtectionPolicy policyEnforcement="Never"/>
      </transport>
      <!-- Windows credential at message level. establishSecurityContext="false"
           means no secure-conversation session is set up on this binding. -->
      <message clientCredentialType="Windows"
               negotiateServiceCredential="true"
               algorithmSuite="Default"
               establishSecurityContext="false"/>
    </security>
  </binding>
</ws2007HttpBinding>

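<customBinding>
  <!--
    Federation binding for the net.tcp service endpoint: a secure-conversation
    session bootstrapped with a token issued by the STS, binary-encoded over TCP.
  -->
  <binding name="WCFTestServiceLibrary.IService1_FederationNetTcpBinding">
    <security authenticationMode="SecureConversation"
              requireSecurityContextCancellation="true">
      <!-- The session is bootstrapped with an issued (SAML) token. -->
      <secureConversationBootstrap authenticationMode="IssuedToken">
        <!-- tokenType is compared as an exact string: whitespace inside the
             URI makes it a different token type, so the value is written
             without the space that followed "token-profile-". -->
        <issuedTokenParameters tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0">
          <!-- Token requests go to the STS over the STSBinding configuration.
               NOTE(review): the endpoint path names an issued-token,
               asymmetric-key endpoint, while STSBinding presents a Windows
               credential. Confirm the STS endpoint chosen here matches the
               credential type that binding sends. -->
          <issuer address="https://test/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256"
                  binding="ws2007HttpBinding"
                  bindingConfiguration="STSBinding"/>
          <issuerMetadata address="https://test/adfs/services/trust/mex"/>
          <!-- Both claims are marked optional, so the binding does not require
               them in the issued token. Authorization code in the service
               should check for the name and role claims explicitly and deny
               access when they are absent. -->
          <claimTypeRequirements>
            <add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
                 isOptional="true"/>
            <add claimType="http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
                 isOptional="true"/>
          </claimTypeRequirements>
        </issuedTokenParameters>
      </secureConversationBootstrap>
    </security>
    <binaryMessageEncoding/>
    <!-- No stream-security upgrade element is configured on the transport, so
         protection of the TCP traffic rests on the message-level security
         element above. -->
    <tcpTransport/>
  </binding>
</customBinding>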