FederatedMessageSecurityOverHttp.IssuerMetadataAddress 屬性
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
取得或設定端點位址,用來與超出範圍的安全性權杖服務進行通訊。
public:
property System::ServiceModel::EndpointAddress ^ IssuerMetadataAddress { System::ServiceModel::EndpointAddress ^ get(); void set(System::ServiceModel::EndpointAddress ^ value); };
public System.ServiceModel.EndpointAddress IssuerMetadataAddress { get; set; }
member this.IssuerMetadataAddress : System.ServiceModel.EndpointAddress with get, set
Public Property IssuerMetadataAddress As EndpointAddress
屬性值
用來與超出範圍的安全性權杖服務進行通訊的 Binding。
範例
下列程式碼示範如何從繫結存取這個屬性並加以設定。
// This method creates a WSFederationHttpBinding.
public static WSFederationHttpBinding
CreateWSFederationHttpBinding(bool isClient)
{
// Create an instance of the WSFederationHttpBinding.
WSFederationHttpBinding b = new WSFederationHttpBinding();
// Set the security mode to Message.
b.Security.Mode = WSFederationHttpSecurityMode.Message;
// Set the Algorithm Suite to Basic256Rsa15.
b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;
// Set NegotiateServiceCredential to true.
b.Security.Message.NegotiateServiceCredential = true;
// Set IssuedKeyType to Symmetric.
b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;
// Set IssuedTokenType to SAML 1.1
b.Security.Message.IssuedTokenType =
"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";
// Extract the STS certificate from the certificate store.
X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certs = store.Certificates.Find(
X509FindType.FindByThumbprint, "0000000000000000000000000000000000000000", false);
store.Close();
// Create an EndpointIdentity from the STS certificate.
EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity ( certs[0] );
// Set the IssuerAddress using the address of the STS and the previously created
// EndpointIdentity.
b.Security.Message.IssuerAddress =
new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);
// Set the IssuerBinding to a WSHttpBinding loaded from configuration.
// The IssuerBinding is only used on federated clients.
if (isClient)
{
b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");
}
// Set the IssuerMetadataAddress using the metadata address of the STS and the
// previously created EndpointIdentity. The IssuerMetadataAddress is only used
// on federated services.
else
{
b.Security.Message.IssuerMetadataAddress =
new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);
}
' This method creates a WSFederationHttpBinding.
Public Shared Function CreateWSFederationHttpBinding(ByVal isClient As Boolean) As WSFederationHttpBinding
' Create an instance of the WSFederationHttpBinding.
Dim b As New WSFederationHttpBinding()
' Set the security mode to Message.
b.Security.Mode = WSFederationHttpSecurityMode.Message
' Set the Algorithm Suite to Basic256Rsa15.
b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15
' Set NegotiateServiceCredential to true.
b.Security.Message.NegotiateServiceCredential = True
' Set IssuedKeyType to Symmetric.
b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey
' Set IssuedTokenType to SAML 1.1
b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1"
' Extract the STS certificate from the certificate store.
Dim store As New X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadOnly)
Dim certs As X509Certificate2Collection = store.Certificates.Find(X509FindType.FindByThumbprint, "0000000000000000000000000000000000000000", False)
store.Close()
' Create an EndpointIdentity from the STS certificate.
Dim identity As EndpointIdentity = EndpointIdentity.CreateX509CertificateIdentity (certs(0))
' Set the IssuerAddress using the address of the STS and the previously created
' EndpointIdentity.
b.Security.Message.IssuerAddress = New EndpointAddress(New Uri("http://localhost:8000/sts/x509"), identity)
' Set the IssuerBinding to a WSHttpBinding loaded from configuration.
' The IssuerBinding is only used on federated clients.
If isClient Then
b.Security.Message.IssuerBinding = New WSHttpBinding("Issuer")
' Set the IssuerMetadataAddress using the metadata address of the STS and the
' previously created EndpointIdentity. The IssuerMetadataAddress is only used
' on federated services.
Else
b.Security.Message.IssuerMetadataAddress = New EndpointAddress(New Uri("http://localhost:8001/sts/mex"), identity)
End If
備註
此位址便是安全性權杖服務的端點,此服務發行超出範圍的服務認證。