C# WCF channel from CreateChannelWithIssuedToken still sending 'requestsecuritytoken' request
Using .NET 4.5 and the WIF identity classes to generate a SAML2 token, and trying to add it to the SOAP body request, but it is ignored, and the generated SOAP request actually has a "requestsecuritytoken" SOAP request, which is sent to the server. I don't have an STS. The referenced code here "" seems to be working.
The custombinding in app.config is
<customBinding>
<binding name="AccountDetailsServiceSoap11" >
<textMessageEncoding messageVersion="Soap11WSAddressing10"/>
<security includeTimestamp="true">
</security>
<httpTransport></httpTransport>
</binding>
</customBinding>
The generated SOAP envelope is
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action><a:MessageID>urn:uuid:b7ff68ac-df62-4051-a68a-7382b0ec4995</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">http://localhost:8888/spring-webservices-sample/endpoints</a:To></s:Header><s:Body><t:RequestSecurityToken Context="uuid-f4007218-af5c-4f84-b800-0e47f102d3b5-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType><t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType><t:KeySize>256</t:KeySize><t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">YHoGBisGAQUFAqBwMG6gMDAuBgorBgEEAYI3AgIKBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHqI6BDhOVExNU1NQAAEAAAC3shjiCQAJAC8AAAAHAAcAKAAAAAYBsR0AAAAPQUEzNzMwOUNJTkNPTVNZUw==</t:BinaryExchange></t:RequestSecurityToken></s:Body></s:Envelope>
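I want to test a web service secured with SAML in Java from a .NET client. I got a service client generated from the WSDL in Visual Studio 2015, then got a SAML assertion generated from the classes, and am now trying to pass that token along with the SOAP request to the Java service.
Can someone share what I am missing or doing wrong? I am new to the .NET/WCF/WIF world.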
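Thanks
After doing some more research, found that the WCF infrastructure first generates an RST (requestsecuritytoken) request in the background when the WCF client has a "custombinding", but have not yet found whether we can change that behavior. So instead, used "basicHttpBinding" with the signing option (ProtectionLevel set to Sign on the client interface), which is now signing the SOAP body and placing the timestamp.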
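Now, for the SAML2 token insertion, used an interceptor, adding it after generating the token from the WIF classes, and sent the final SOAP request, which has the signed SAML assertion, the timestamp and the SOAP body. The request was processed through the security actions on the Spring WS side, and the business logic was invoked. This is just for development and testing. I guess for production we would still need an STS.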
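A check for a captured request trace, telling a WS-Trust bootstrap (an RST for a WS-SecureConversation token negotiated over SPNEGO, as in the envelope above) apart from a service call that carries the timestamp, SAML2 assertion and signatures. This is an added example, not code from the original post; the function name, both sample envelopes and the `urn:example:GetAccountDetails` action are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "s": "http://schemas.xmlsoap.org/soap/envelope/",
    "a": "http://www.w3.org/2005/08/addressing",
    "t": "http://schemas.xmlsoap.org/ws/2005/02/trust",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
DECL = " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items())

def classify_envelope(xml_text):
    """Describe what a captured SOAP 1.1 request carries on the wire."""
    if "<!DOCTYPE" in xml_text:  # SOAP forbids DTDs; refuse rather than parse
        raise ValueError("DTD found in SOAP message")
    root = ET.fromstring(xml_text)
    action = root.findtext("s:Header/a:Action", "", NS).strip()
    rst = root.find("s:Body/t:RequestSecurityToken", NS)
    if rst is not None:  # WS-Trust bootstrap, not the service call itself
        bx = rst.find("t:BinaryExchange", NS)
        return {"kind": "ws-trust-rst", "action": action,
                "token_type": rst.findtext("t:TokenType", "", NS).strip(),
                "negotiation": None if bx is None else bx.get("ValueType")}
    sec = root.find("s:Header/wsse:Security", NS)
    def has(path):  # path is relative to the wsse:Security header
        return sec is not None and sec.find(path, NS) is not None
    return {"kind": "application", "action": action,
            "timestamp": has("wsu:Timestamp"),
            "saml2_assertion": has("saml2:Assertion"),
            "assertion_signed": has("saml2:Assertion/ds:Signature"),
            "message_signed": has("ds:Signature")}

# Constructed samples: the RST mirrors the capture above (blob replaced by a
# placeholder); the second is a hypothetical request of the shape described.
RST_SAMPLE = f"""<s:Envelope {DECL}><s:Header>
<a:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
</s:Header><s:Body><t:RequestSecurityToken>
<t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
<t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego">AAAA</t:BinaryExchange>
</t:RequestSecurityToken></s:Body></s:Envelope>"""
APP_SAMPLE = f"""<s:Envelope {DECL}><s:Header>
<a:Action>urn:example:GetAccountDetails</a:Action>
<wsse:Security><wsu:Timestamp/><saml2:Assertion><ds:Signature/></saml2:Assertion>
<ds:Signature/></wsse:Security></s:Header><s:Body/></s:Envelope>"""
if __name__ == "__main__":
    for sample in (RST_SAMPLE, APP_SAMPLE):
        print(classify_envelope(sample))
```

A result of `ws-trust-rst` for the first outgoing message means the binding is still negotiating a token before the service call, so the SAML assertion never reaches the wire in that request.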