FederatedMessageSecurityOverHttp.IssuerMetadataAddress Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets or sets the endpoint address for communicating with the security token service out of band.
public:
property System::ServiceModel::EndpointAddress ^ IssuerMetadataAddress { System::ServiceModel::EndpointAddress ^ get(); void set(System::ServiceModel::EndpointAddress ^ value); };public System.ServiceModel.EndpointAddress IssuerMetadataAddress { get; set; }member this.IssuerMetadataAddress : System.ServiceModel.EndpointAddress with get, setPublic Property IssuerMetadataAddress As EndpointAddressProperty Value
The Binding to be used when communicating with the security token service out of band.
Examples
The following code shows how to access this property from the binding, and set it.
// This method creates a WSFederationHttpBinding.
public static WSFederationHttpBinding
CreateWSFederationHttpBinding(bool isClient)
{
// Create an instance of the WSFederationHttpBinding.
WSFederationHttpBinding b = new WSFederationHttpBinding();
// Set the security mode to Message.
b.Security.Mode = WSFederationHttpSecurityMode.Message;
// Set the Algorithm Suite to Basic256Rsa15.
b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;
// Set NegotiateServiceCredential to true.
b.Security.Message.NegotiateServiceCredential = true;
// Set IssuedKeyType to Symmetric.
b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;
// Set IssuedTokenType to SAML 1.1
b.Security.Message.IssuedTokenType =
"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";
// Extract the STS certificate from the certificate store.
X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certs = store.Certificates.Find(
X509FindType.FindByThumbprint, "0000000000000000000000000000000000000000", false);
store.Close();
// Create an EndpointIdentity from the STS certificate.
EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity ( certs[0] );
// Set the IssuerAddress using the address of the STS and the previously created
// EndpointIdentity.
b.Security.Message.IssuerAddress =
new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);
// Set the IssuerBinding to a WSHttpBinding loaded from configuration.
// The IssuerBinding is only used on federated clients.
if (isClient)
{
b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");
}
// Set the IssuerMetadataAddress using the metadata address of the STS and the
// previously created EndpointIdentity. The IssuerMetadataAddress is only used
// on federated services.
else
{
b.Security.Message.IssuerMetadataAddress =
new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);
}
' This method creates a WSFederationHttpBinding.
Public Shared Function CreateWSFederationHttpBinding(ByVal isClient As Boolean) As WSFederationHttpBinding
' Create an instance of the WSFederationHttpBinding.
Dim b As New WSFederationHttpBinding()
' Set the security mode to Message.
b.Security.Mode = WSFederationHttpSecurityMode.Message
' Set the Algorithm Suite to Basic256Rsa15.
b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15
' Set NegotiateServiceCredential to true.
b.Security.Message.NegotiateServiceCredential = True
' Set IssuedKeyType to Symmetric.
b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey
' Set IssuedTokenType to SAML 1.1
b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1"
' Extract the STS certificate from the certificate store.
Dim store As New X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadOnly)
Dim certs As X509Certificate2Collection = store.Certificates.Find(X509FindType.FindByThumbprint, "0000000000000000000000000000000000000000", False)
store.Close()
' Create an EndpointIdentity from the STS certificate.
Dim identity As EndpointIdentity = EndpointIdentity.CreateX509CertificateIdentity (certs(0))
' Set the IssuerAddress using the address of the STS and the previously created
' EndpointIdentity.
b.Security.Message.IssuerAddress = New EndpointAddress(New Uri("http://localhost:8000/sts/x509"), identity)
' Set the IssuerBinding to a WSHttpBinding loaded from configuration.
' The IssuerBinding is only used on federated clients.
If isClient Then
b.Security.Message.IssuerBinding = New WSHttpBinding("Issuer")
' Set the IssuerMetadataAddress using the metadata address of the STS and the
' previously created EndpointIdentity. The IssuerMetadataAddress is only used
' on federated services.
Else
b.Security.Message.IssuerMetadataAddress = New EndpointAddress(New Uri("http://localhost:8001/sts/mex"), identity)
End If
Remarks
This address is used as the endpoint for the security token service that issues credentials for the service out of band.
Applies to
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
