Wcf svcutil忽略WS-Trust声明
场景:我正在编写一个WCF客户机来访问Java/Metro Web服务,该服务需要通过从STS(也是Java/Metro)获得的令牌进行身份验证。服务的WSDL中的相关策略片段如下:Wcf svcutil忽略WS-Trust声明,wcf,webservice-client,svcutil.exe,sts-securitytokenservice,Wcf,Webservice Client,Svcutil.exe,Sts Securitytokenservice,场景:我正在编写一个WCF客户机来访问Java/Metro Web服务,该服务需要通过从STS(也是Java/Metro)获得的令牌进行身份验证。服务的WSDL中的相关策略片段如下: <sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> <sp:Issuer> <
<sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<sp:Issuer>
<wsa:Address>...</wsa:Address>
<Metadata xmlns="http://www.w3.org/2005/08/addressing">
<Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex">
<MetadataSection>
<MetadataReference>
<Address xmlns="http://www.w3.org/2005/08/addressing">...</Address>
</MetadataReference>
</MetadataSection>
</Metadata>
</Metadata>
</sp:Issuer>
<t:Claims Dialect="http://schemas.xmlsoap.org/ws/2005/05/identity">
<ClaimType xmlns="http://schemas.xmlsoap.org/ws/2005/05/identity" Optional="false" Uri="..."/>
<ClaimType xmlns="http://schemas.xmlsoap.org/ws/2005/05/identity" Optional="false" Uri="..."/>
</t:Claims>
<sp:RequestSecurityTokenTemplate>
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</t:KeyType>
<t:KeySize>256</t:KeySize>
</sp:RequestSecurityTokenTemplate>
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:RequireInternalReference/>
</wsp:Policy>
</sp:IssuedToken>
WCF声称(没有双关语)支持WS-SecurityPolicy1.2,所以我想知道——这是设计上的错误吗?总之,来自策略的声明应该总是出现在绑定配置的
中。Microsoft支持部门向我确认这是.NET 4.0中的一个错误,计划在下一版本中进行修复
<binding ...>
<security ...>
<issuedTokenParameters ...>
<additionalRequestParameters>
<!-- The RST template is copied here -->
</additionalRequestParameters>
...
</issuedTokenParameters>
</security>
...
</binding>