HOW TO:使用相同類型的多個安全性權杖
在 .NET Framework 3.0 中,用戶端訊息只包含任何指定類型的一個權杖。現在,用戶端訊息可以包含某個類型的多個權杖。本主題說明如何在用戶端訊息中包含相同類型的多個權杖。
請注意,設定服務時,服務絕對不可以只包含一個支援權杖。
使用相同類型的多個安全性權杖
建立要填入的空白繫結項目集合。
// Create an empty BindingElementCollection to populate, // then create a custom binding from it. BindingElementCollection bec = new BindingElementCollection();
透過呼叫 CreateMutualCertificateBindingElement 建立 SecurityBindingElement。
SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
建立 SupportingTokenParameters 集合。
SupportingTokenParameters supportParams = new SupportingTokenParameters();
將 SAML 權杖加入至集合。
// Two supporting SAML tokens are being added. supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1)); supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
將集合加入至 SecurityBindingElement。
((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
將繫結項目加入至繫結項目集合。
bec.Add(sbe); bec.Add(new TextMessageEncodingBindingElement()); bec.Add(new HttpTransportBindingElement());
從繫結項目集合傳回建立的新自訂繫結。
// Create a CustomBinding and return it; otherwise, return null. return new CustomBinding(bec);
範例
下列是先前程序所述的完整方法。
// This method creates a CustomBinding that includes two tokens of a given type.
public static Binding CreateCustomBinding(EndpointAddress issuerEndpointAddress1, Binding issuerBinding1, EndpointAddress issuerEndpointAddress2, Binding issuerBinding2)
{
// Create an empty BindingElementCollection to populate,
// then create a custom binding from it.
BindingElementCollection bec = new BindingElementCollection();
SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
SupportingTokenParameters supportParams = new SupportingTokenParameters();
// Two supporting SAML tokens are being added.
supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
bec.Add(sbe);
bec.Add(new TextMessageEncodingBindingElement());
bec.Add(new HttpTransportBindingElement());
// Create a CustomBinding and return it; otherwise, return null.
return new CustomBinding(bec);
}