Fatal编程技术网
  • csharp/
  • C# 在IIS托管的WCF服务中使用IdentityServer令牌

C# 在IIS托管的WCF服务中使用IdentityServer令牌

c# wcf iis

C# 在IIS托管的WCF服务中使用IdentityServer令牌,c#,wcf,iis,identityserver3,C#,Wcf,Iis,Identityserver3,我试图在IIS托管的WCF服务中使用(使用)IdentityServer令牌。我看到了Dominick提供的自托管WCF服务的示例。但由于我的WCF服务托管在IIS中,因此我需要在web.config文件中配置绑定和identityserver配置选项。 任何人都可以使用IdentityServer配置共享web.config文件吗? 请在下面找到我的当前配置: <?xml version="1.0"?> <configuration> <appSettings&g

我试图在IIS托管的WCF服务中使用(使用)IdentityServer令牌。我看到了Dominick提供的自托管WCF服务的示例。但由于我的WCF服务托管在IIS中,因此我需要在web.config文件中配置绑定和identityserver配置选项。 任何人都可以使用IdentityServer配置共享web.config文件吗? 请在下面找到我的当前配置:

<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2"/>
</system.web>
<system.serviceModel>
<bindings>
  <ws2007FederationHttpBinding>
    <binding name="WS2007FederationHttpBinding_IService1">
      <security mode="TransportWithMessageCredential">
        <message establishSecurityContext="false" issuedKeyType="BearerKey">
          <issuer address="https://localhost/dentityServer" />
        </message>
      </security>
    </binding>
  </ws2007FederationHttpBinding>
</bindings>
<client>
  <endpoint address="https://localhost/IDPWcfService1/Service1.svc" 
            binding="ws2007FederationHttpBinding" bindingConfiguration="WS2007FederationHttpBinding_IService1"
            contract="WcfService1.IService1" name="WS2007FederationHttpBinding_IService1" ></endpoint>
</client>
<behaviors>
  <serviceBehaviors>
    <behavior>
      <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
      <serviceDebug includeExceptionDetailInFaults="false"/>
    </behavior>
  </serviceBehaviors>
</behaviors>
<protocolMapping>
    <add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>    
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
    To browse web app root directory during debugging, set the value below to true.
    Set to false before deployment to avoid disclosing web app folder information.
  -->
<directoryBrowse enabled="true"/>
</system.webServer>

</configuration>



< /代码> 我在这里做同样的事情,您需要添加自定义的XML包装器类来封装JWT(这是简单的安全令牌,它将通过客户端的每个调用传递给服务,这样您就可以对客户端进行认证)

您可以在本文中找到更多详细信息:

完成此步骤后,您需要将此自定义xml包装添加到web.config,如下所示:


  <system.identityModel>
    <identityConfiguration saveBootstrapContext="true">
      <securityTokenHandlers>
        <remove type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=abcdefg123456789"/>        
        <add type="Web.stuff.ServerSideAuthentication.IdentityServerWrappedJwtHandler, Web.stuff" />
      </securityTokenHandlers>
    </identityConfiguration>
  </system.identityModel>






另外,不要忘记在configsections节点下为这个新节添加贴花