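WCF with a custom STS: deny anyone who does not have a specific role

I created an STS by overriding SecurityTokenService and hosting it with WCF. I also created a relying party and a test client. The client is successfully redirected to the STS (if I put a breakpoint in the GetOutputIdentity method, the program stops). Now I need my RP to deny access to all users except those in one role. How can I do this? Here is my configuration: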
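// Override inside the custom SecurityTokenService subclass.
// `role` and `userName` are set elsewhere in the STS (not shown in the post).
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal,
                                                          RequestSecurityToken request,
                                                          Scope scope)
{
    // Carry the caller's authentication type over to the issued identity.
    string authenticationType = principal.Identity.AuthenticationType;
    var outputIdentity = new ClaimsIdentity(authenticationType);

    // Claims that end up in the issued token and are visible to the RP.
    outputIdentity.AddClaim(new Claim(ClaimTypes.Role, role));
    outputIdentity.AddClaim(new Claim(ClaimTypes.Name, userName));
    return outputIdentity;
}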
Relying party configuration:
<customBinding>
  <binding name="secureBinding">
    <security authenticationMode="IssuedToken" requireDerivedKeys="false" >
      <issuedTokenParameters>
        <issuer address="http://localhost:1318/Services/SecurityTokenService.svc">
        </issuer>
        <issuerMetadata address="http://localhost:1318/Services/SecurityTokenService.svc/mex"></issuerMetadata>
      </issuedTokenParameters>
    </security>
    <httpTransport></httpTransport>
  </binding>
</customBinding>
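
One way to enforce the role check on the relying party, as an added example that is not part of the original post: a deny-by-default `ClaimsAuthorizationManager` (.NET 4.5 `System.Security.Claims`) that allows a call only when the role claim is present and was issued by the expected STS. The class name, the role value `Admin` and the issuer name `MySTS` are assumptions to replace with your own values.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

// Added example (hypothetical class name): relying-party authorization that
// rejects every caller unless the token carries the required role claim.
public class RequiredRoleAuthorizationManager : ClaimsAuthorizationManager
{
    // Assumed values: the role the STS puts into ClaimTypes.Role, and the
    // issuer name the RP maps the STS signing certificate to.
    private const string RequiredRole = "Admin";
    private const string TrustedIssuer = "MySTS";

    public override bool CheckAccess(AuthorizationContext context)
    {
        ClaimsPrincipal principal = context.Principal;

        // Deny by default: no principal or an unauthenticated identity.
        if (principal == null ||
            principal.Identity == null ||
            !principal.Identity.IsAuthenticated)
        {
            return false;
        }

        // Accept the role only when it comes from the trusted issuer, so a
        // role claim minted by any other token source is ignored.
        return principal.Claims.Any(c =>
            c.Type == ClaimTypes.Role &&
            string.Equals(c.Value, RequiredRole, StringComparison.Ordinal) &&
            string.Equals(c.Issuer, TrustedIssuer, StringComparison.OrdinalIgnoreCase));
    }
}
```

This assumes the RP service uses the .NET 4.5 identity pipeline (`useIdentityConfiguration="true"` on `<serviceCredentials>`) and that the class is registered through a `<claimsAuthorizationManager type="..."/>` element under `<system.identityModel>`/`<identityConfiguration>`.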