HOW TO：使用相同類型的多個安全性權杖

• 在 .NET Framework 3.0 中，用戶端訊息只包含任何指定類型的一個權杖。現在，用戶端訊息可以包含某個類型的多個權杖。本主題說明如何在用戶端訊息中包含相同類型的多個權杖。

• 請注意，設定服務時，服務絕對不可以只包含一個支援權杖。

使用相同類型的多個安全性權杖

1. 建立要填入的空白繫結項目集合。

   // Create an empty BindingElementCollection to populate, 
   // then create a custom binding from it.
   BindingElementCollection bec = new BindingElementCollection();
   

2. 透過呼叫 CreateMutualCertificateBindingElement 建立 SecurityBindingElement。

   SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
   

3. 建立 SupportingTokenParameters 集合。

   SupportingTokenParameters supportParams = new SupportingTokenParameters();
   

4. 將 SAML 權杖加入至集合。

   // Two supporting SAML tokens are being added.
   supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
   supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
   

5. 將集合加入至 SecurityBindingElement。

   ((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
   

6. 將繫結項目加入至繫結項目集合。

   bec.Add(sbe);
   bec.Add(new TextMessageEncodingBindingElement());
   bec.Add(new HttpTransportBindingElement());
   

7. 從繫結項目集合傳回建立的新自訂繫結。

   // Create a CustomBinding and return it; otherwise, return null.
   return new CustomBinding(bec);
   

範例

下列是先前程序所述的完整方法。

// This method creates a CustomBinding that includes two tokens of a given type.
public static Binding CreateCustomBinding(EndpointAddress issuerEndpointAddress1, Binding issuerBinding1, EndpointAddress issuerEndpointAddress2, Binding issuerBinding2)
{
    // Create an empty BindingElementCollection to populate, 
    // then create a custom binding from it.
    BindingElementCollection bec = new BindingElementCollection();

    SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();

    SupportingTokenParameters supportParams = new SupportingTokenParameters();
    
    // Two supporting SAML tokens are being added.
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
    supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
    
    ((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
    
    bec.Add(sbe);
    bec.Add(new TextMessageEncodingBindingElement());
    bec.Add(new HttpTransportBindingElement());

    // Create a CustomBinding and return it; otherwise, return null.
    return new CustomBinding(bec);
}

另請參閱

概念

安全性架構