CardSpace の利用
このデモの内容
ここでは、CardSpace (Windows CardSpace) を使用した WCF サービスとそのクライアントを構築していきます。
デモでご紹介しているソースコード
【サービスのコントラクト/実装 (C#)】
using System;
using System.ServiceModel;
using System.Runtime.Serialization;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
namespace Demo
{
/// <summary>
/// WCF service contract for the dinner-ordering demo.
/// </summary>
[ServiceContract]
public interface IDinnerService
{
    /// <summary>
    /// Looks up the dish that corresponds to an order ID.
    /// </summary>
    /// <param name="OrderID">Numeric ID of the order, supplied by the caller.</param>
    /// <returns>The name of the dish as a string.</returns>
    [OperationContract]
    string OrderFoodByID(int OrderID);
}
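/// <summary>
/// Demo implementation of <see cref="IDinnerService"/> that also prints the
/// claims presented by the caller.
/// </summary>
/// <remarks>
/// The operation returns the same answer whatever claims the caller presents:
/// the claims are only printed, never used for an access decision. With the
/// service App.config shown for this demo (self-issued cards accepted via
/// allowUntrustedRsaIssuers="true"), claim values such as e-mail address and
/// given name are asserted by the card holder and are not verified by any
/// third party, so real code must not treat them as proof of identity.
/// </remarks>
public class DinnerService : IDinnerService
{
    /// <summary>
    /// Maps an order ID to a dish name and writes the caller's claims to the console.
    /// </summary>
    /// <param name="OrderID">1 selects "寿司"; every other value selects "ハンバーグ".</param>
    /// <returns>The dish name for the order.</returns>
    public string OrderFoodByID(int OrderID)
    {
        string foodName;
        switch (OrderID)
        {
            case 1:
                foodName = "寿司";
                break;
            default:
                foodName = "ハンバーグ";
                break;
        }

        // Print the received claims so they can be inspected while running the demo.
        // This writes personal data (the requested claims are e-mail address and
        // given name) to the console in clear text; keep it out of production
        // code, or log claim types only.
        //
        // Each step is null-checked: when the service is hosted on a binding
        // without security there is no security context, and dereferencing it
        // would fail the call with a NullReferenceException.
        OperationContext operationContext = OperationContext.Current;
        ServiceSecurityContext securityContext =
            (operationContext != null) ? operationContext.ServiceSecurityContext : null;
        AuthorizationContext ctx =
            (securityContext != null) ? securityContext.AuthorizationContext : null;

        if (ctx != null)
        {
            foreach (ClaimSet clmset in ctx.ClaimSets)
            {
                foreach (Claim clm in clmset)
                {
                    Console.WriteLine();
                    Console.WriteLine(clm.ClaimType);
                    Console.WriteLine(clm.Resource);
                    Console.WriteLine(clm.Right);
                }
            }
        }

        return foodName;
    }
}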
}
【サービスのホスト (C#)】
using System;
using System.Collections.Generic;
using System.Text;
using System.ServiceModel;
namespace Demo
{
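/// <summary>
/// Console host for <c>Demo.DinnerService</c>.
/// </summary>
class Program
{
    /// <summary>
    /// Opens the service host, waits for [Enter], then shuts the host down.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        // The base address uses the http scheme. The endpoint's
        // wsFederationHttpBinding is configured with security mode "Message",
        // which protects the SOAP message itself and runs over plain HTTP
        // transport; mexHttpBinding and httpGetEnabled also need an http base
        // address. With an https base address Open() fails because no base
        // address matches the scheme the bindings require.
        // Confidentiality and integrity therefore come from WS-Security message
        // protection using the service certificate, not from TLS.
        Uri addr = new Uri("http://localhost:8080/Demo/DinnerService");
        ServiceHost sv = new ServiceHost(typeof(Demo.DinnerService), addr);
        try
        {
            sv.Open();
            Console.WriteLine("[Enter]キーで終了します");
            Console.ReadLine();
            sv.Close();
        }
        catch
        {
            // Close() throws on a faulted host and Open() can fail half-way;
            // Abort() releases the listener immediately in both cases.
            sv.Abort();
            throw;
        }
    }
}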
}
【サービスの構成 (App.config)】
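<?xml version="1.0" encoding="utf-8" ?>
<!--
  Service-side WCF configuration for the CardSpace demo.
  Review notes for anyone reusing it outside a demo are given as comments next
  to the settings they concern.
-->
<configuration>
  <system.serviceModel>
    <services>
      <service name="Demo.DinnerService" behaviorConfiguration="DinnerServiceTypeBehaviors">
        <endpoint name="DirectService" contract="Demo.IDinnerService"
                  binding="wsFederationHttpBinding" bindingConfiguration="dinnerBindingConfig">
          <identity>
            <!--
              FindBySubjectName is a substring match on the subject name and can
              select more than one certificate; FindByThumbprint identifies a
              single certificate unambiguously.
            -->
            <certificateReference
              findValue="Fabrikam"
              x509FindType="FindBySubjectName"
              storeLocation="LocalMachine"
              storeName="My"/>
          </identity>
        </endpoint>
        <!-- Metadata exchange endpoint, used to generate the client proxy. -->
        <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
      </service>
    </services>
    <bindings>
      <wsFederationHttpBinding>
        <binding name="dinnerBindingConfig">
          <!-- Message mode: WS-Security protects the SOAP message; the transport is plain HTTP. -->
          <security mode="Message">
            <!--
              Basic128 selects AES-128 with SHA-1 digests. Check this against
              current cryptographic policy before reusing the binding.
            -->
            <message
              algorithmSuite="Basic128"
              issuedTokenType="urn:oasis:names:tc:SAML:1.0:assertion"
              issuedKeyType="SymmetricKey">
              <!--
                The issuer and claim type values are identifiers compared as
                literal strings, not addresses to be fetched. The Information
                Card identifiers use the http scheme; an https spelling does not
                match the self-issuer or the e-mail / given-name claim types.
              -->
              <issuer address="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"/>
              <claimTypeRequirements>
                <add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"/>
                <add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"/>
              </claimTypeRequirements>
            </message>
          </security>
        </binding>
      </wsFederationHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="DinnerServiceTypeBehaviors" >
          <!--
            Publishes the service description over HTTP GET. Useful while
            building the client; turn it off when it is no longer needed.
          -->
          <serviceMetadata httpGetEnabled="true" />
          <serviceCredentials>
            <!--
              Accepts tokens signed with a bare RSA key that has no certificate
              chain. This is what lets self-issued cards through, and it means
              every claim value is asserted by the card holder alone. Do not use
              e-mail address or given name as proof of identity; a self-issued
              card is normally recognised by its private personal identifier
              together with the token's signing key.
            -->
            <issuedTokenAuthentication allowUntrustedRsaIssuers="true"/>
            <serviceCertificate
              findValue="Fabrikam"
              x509FindType="FindBySubjectName"
              storeLocation="LocalMachine"
              storeName="My" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>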
【クライアントの構成 (App.config)】
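<?xml version="1.0" encoding="utf-8" ?>
<!--
  Client-side WCF configuration for the CardSpace demo.
  Review notes for anyone reusing it outside a demo are given as comments next
  to the settings they concern.
-->
<configuration>
  <system.serviceModel>
    <client>
      <!--
        The address uses the http scheme: wsFederationHttpBinding with security
        mode "Message" runs over HTTP transport and rejects an https address.
        Protection of the call comes from WS-Security message encryption and
        signing against the service certificate, not from TLS.
      -->
      <endpoint address="http://localhost:8080/Demo/DinnerService"
                behaviorConfiguration="dinnerBehaviorConfig"
                binding="wsFederationHttpBinding"
                bindingConfiguration="dinnerBindConfig"
                contract="WindowsApplication6.localhost.IDinnerService"
                name="DirectService">
        <identity>
          <!--
            Expected service identity. FindBySubjectName is a substring match
            and can select more than one certificate; FindByThumbprint pins
            exactly one.
          -->
          <certificateReference
            findValue="Fabrikam"
            x509FindType="FindBySubjectName"
            storeLocation="CurrentUser"
            storeName="TrustedPeople"/>
        </identity>
      </endpoint>
    </client>
    <bindings>
      <wsFederationHttpBinding>
        <binding name="dinnerBindConfig">
          <security mode="Message">
            <!--
              Basic128 selects AES-128 with SHA-1 digests. Check this against
              current cryptographic policy before reusing the binding.
            -->
            <message
              algorithmSuite="Basic128"
              issuedTokenType="urn:oasis:names:tc:SAML:1.0:assertion"
              issuedKeyType="SymmetricKey">
              <!--
                The issuer and claim type values are identifiers compared as
                literal strings, not addresses to be fetched. The Information
                Card identifiers use the http scheme; an https spelling does not
                match the self-issuer or the e-mail / given-name claim types.
                These values must be identical to the service-side binding.
              -->
              <issuer address="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"/>
              <claimTypeRequirements>
                <add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"/>
                <add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"/>
              </claimTypeRequirements>
            </message>
          </security>
        </binding>
      </wsFederationHttpBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="dinnerBehaviorConfig">
          <clientCredentials>
            <serviceCertificate>
              <defaultCertificate
                findValue="Fabrikam"
                x509FindType="FindBySubjectName"
                storeLocation="CurrentUser"
                storeName="TrustedPeople"/>
              <!--
                PeerOrChainTrust accepts the service certificate if it sits in
                the TrustedPeople store or chains to a trusted root, and NoCheck
                skips revocation checking. That suits a locally generated demo
                certificate. With a CA-issued certificate, ChainTrust and
                revocationMode="Online" give a stricter check.
              -->
              <authentication revocationMode="NoCheck" certificateValidationMode="PeerOrChainTrust"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>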