共用方式為


HOW TO:使用相同類型的多個安全性權杖

  • 在 .NET Framework 3.0 中,用戶端訊息只包含任何指定類型的一個權杖。現在,用戶端訊息可以包含某個類型的多個權杖。本主題說明如何在用戶端訊息中包含相同類型的多個權杖。

  • 請注意,設定服務時,服務絕對不可以只包含一個支援權杖。

使用相同類型的多個安全性權杖

  1. 建立要填入的空白繫結項目集合。

    // Create an empty BindingElementCollection to populate, 
    // then create a custom binding from it.
    BindingElementCollection bec = new BindingElementCollection();
    
  2. 透過呼叫 CreateMutualCertificateBindingElement 建立 SecurityBindingElement

    SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
    
  3. 建立 SupportingTokenParameters 集合。

    SupportingTokenParameters supportParams = new SupportingTokenParameters();
    
  4. 將 SAML 權杖加入至集合。

    // Two supporting SAML tokens are being added.
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
    
  5. 將集合加入至 SecurityBindingElement

    ((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
    
  6. 將繫結項目加入至繫結項目集合。

    bec.Add(sbe);
    bec.Add(new TextMessageEncodingBindingElement());
    bec.Add(new HttpTransportBindingElement());
    
  7. 從繫結項目集合傳回建立的新自訂繫結。

    // Create a CustomBinding and return it; otherwise, return null.
    return new CustomBinding(bec);
    

範例

下列是先前程序所述的完整方法。

// This method creates a CustomBinding that includes two tokens of a given type.
public static Binding CreateCustomBinding(EndpointAddress issuerEndpointAddress1, Binding issuerBinding1, EndpointAddress issuerEndpointAddress2, Binding issuerBinding2)
{
    // Create an empty BindingElementCollection to populate, 
    // then create a custom binding from it.
    BindingElementCollection bec = new BindingElementCollection();

    SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();

    SupportingTokenParameters supportParams = new SupportingTokenParameters();
    
    // Two supporting SAML tokens are being added.
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
    
    ((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
    
    bec.Add(sbe);
    bec.Add(new TextMessageEncodingBindingElement());
    bec.Add(new HttpTransportBindingElement());

    // Create a CustomBinding and return it; otherwise, return null.
    return new CustomBinding(bec);
}

另請參閱

概念

安全性架構