C# 如何使SecurityTokenServiceConfiguration从app.config加载配置信息?
我正在使用.NET4.5中包含的WIF框架创建一个STS。我使用C# 如何使SecurityTokenServiceConfiguration从app.config加载配置信息?,c#,wcf,wif,sts-securitytokenservice,C#,Wcf,Wif,Sts Securitytokenservice,我正在使用.NET4.5中包含的WIF框架创建一个STS。我使用WSTrustServiceHost类自托管这个STS(目前)。为此,我正在做以下工作: var conf = new SecurityTokenServiceConfiguration("isser name here", true) { DisableWsdl = true, SecurityTokenService = typeof(MyTokenService), }; var ct =
WSTrustServiceHost
类自托管这个STS(目前)。为此,我正在做以下工作:
var conf = new SecurityTokenServiceConfiguration("isser name here", true)
{
DisableWsdl = true,
SecurityTokenService = typeof(MyTokenService),
};
var ct = new WSTrustServiceContract(conf);
var host = new WSTrustServiceHost(ct);
host.Open();
// ...
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="sts_behavior">
<serviceCredentials useIdentityConfiguration="true" identityConfiguration="the_issuer_id">
<serviceCertificate findValue="7A5D7EB05EC741E45BF4EDA7E574F58DC31EF290" x509FindType="FindByThumbprint" storeName="My" storeLocation="LocalMachine" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<ws2007HttpBinding>
<binding name="sts_binding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<services>
<service name="System.ServiceModel.Security.WSTrustServiceContract" behaviorConfiguration="sts_behavior">
<endpoint address="http://my-machine:54512/tokens" binding="ws2007HttpBinding" contract="System.ServiceModel.Security.IWSTrust13SyncContract" bindingConfiguration="sts_binding" />
</service>
</services>
</system.serviceModel>
如您所见,我正在将true
传递给SecurityTokenServiceConfiguration
构造函数的loadConfig
参数,该参数表示文档:
true从配置文件加载设置;否则为假
我的配置文件中有一个identityConfiguration
元素,但它似乎没有被加载。我可以更改配置文件,例如,我可以更改securityTokenHandlers
,这些更改不会反映在构建的SecurityTokenServiceConfiguration
中
在我的app.config文件中,我有以下内容:
var conf = new SecurityTokenServiceConfiguration("isser name here", true)
{
DisableWsdl = true,
SecurityTokenService = typeof(MyTokenService),
};
var ct = new WSTrustServiceContract(conf);
var host = new WSTrustServiceHost(ct);
host.Open();
// ...
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="sts_behavior">
<serviceCredentials useIdentityConfiguration="true" identityConfiguration="the_issuer_id">
<serviceCertificate findValue="7A5D7EB05EC741E45BF4EDA7E574F58DC31EF290" x509FindType="FindByThumbprint" storeName="My" storeLocation="LocalMachine" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<ws2007HttpBinding>
<binding name="sts_binding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<services>
<service name="System.ServiceModel.Security.WSTrustServiceContract" behaviorConfiguration="sts_behavior">
<endpoint address="http://my-machine:54512/tokens" binding="ws2007HttpBinding" contract="System.ServiceModel.Security.IWSTrust13SyncContract" bindingConfiguration="sts_binding" />
</service>
</services>
</system.serviceModel>
可以看到,
元素引用配置文件中存在的
元素,如果我将此名称更改为与该
元素不匹配,则在打开服务主机时会引发错误。但是,这个
元素仍然没有被使用,正如我可以
安全令牌处理程序一样,当请求进入时,令牌处理程序仍然被使用
如何使用最少的编程配置配置和自托管自定义STS?经过大量探索,我发现
SecurityTokenServiceConfiguration
构造函数的一个重载允许指定从中加载配置的
元素的名称:
//
// Summary:
// Initializes a new instance of the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration
// class that has the specified issuer name and signing credentials. Settings
// are loaded from the specified named configuration.
//
// Parameters:
// issuerName:
// The issuer name. Sets the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.TokenIssuerName
// property.
//
// signingCredentials:
// The signing credentials for the STS. Sets the System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.SigningCredentials
// property.
//
// serviceName:
// The name of the <identityConfiguration> element from which the configuration
// is to be loaded.
public SecurityTokenServiceConfiguration(string issuerName, SigningCredentials signingCredentials, string serviceName);
//
//总结:
//初始化System.IdentityModel.Configuration.SecurityTokenServiceConfiguration的新实例
//类,该类具有指定的颁发者名称和签名凭据。设置
//从指定的命名配置加载。
//
//参数:
//发行人姓名:
//发行人名称。设置System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.TokenIssuerName
//财产。
//
//签署证书:
//STS的签名凭据。设置System.IdentityModel.Configuration.SecurityTokenServiceConfiguration.SigningCredentials
//财产。
//
//服务名称:
//配置所来自的元素的名称
//是要加载的。
public SecurityTokenServiceConfiguration(字符串issuerName、SigningCredentials SigningCredentials、字符串serviceName);
我收回了我的回答,因为您并不欣赏我的回答,但无论如何我都会尽力帮助您:Thinktecture只是您正在使用的东西的包装,不需要编程配置。它有一个广泛的基于文件的配置机制。无论编程配置是否由配置文件驱动,它仍然是编程配置。我想使用内置的xml配置基础结构。您能否详细说明这与公共安全令牌服务配置(bool loadConfig)的不同行为?无论我使用这个构造函数还是您在这里建议的构造函数,我都会得到相同的结果:我的配置部分没有加载。