다음 코드는 WIF에서 "Issue" 요청을 하려고 합니다. WIF WSTrustSerializationException - 요청 클레임 Dialect를 사용자 지정 값으로 설정할 수 없습니까?
실행할 때 다음 예외가 발생합니다. 사용자 정의 클레임 문제를 사용하여 보안 토큰을 요청할 수 있습니까?
Additional information: ID3257: RequestSecurityToken contains at least one Claim with a Claim value specified but the RequestClaimCollection.Dialect is set to 'urn:custom_namespace:sts:1_0'. The RequestClaimCollection.Dialect must be set to 'http://docs.oasis-open.org/wsfed/authorization/200706/authclaims' for the value to be serialized out.
코드 :
// Dialect URI assigned to rst.Claims.Dialect in RequestSecurityToken. The ID3257 error
// quoted with this code says a claim Value is only serialized when the dialect is
// 'http://docs.oasis-open.org/wsfed/authorization/200706/authclaims'.
private const string CLAIMS_DIALECT = "urn:custom_namespace:sts:1_0";
// Claim type of the single requested claim.
// NOTE(review): identical to CLAIMS_DIALECT; confirm the claim type is really meant to reuse the dialect URI.
private const string REQUEST_CLAIM_TYPE = "urn:custom_namespace:sts:1_0";
// Claim value sent with the requested claim.
// NOTE(review): the SAML 2.0 consent identifiers are spelled 'urn:oasis:names:tc:SAML:2.0:consent:...';
// this literal has 'SAML2.0' without the colon. Confirm which form the STS expects.
private const string REQUEST_CLAIM_VALUE = "urn:oasis:names:tc:SAML2.0:consent:current-explicit";
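/// <summary>
/// Sends a WS-Trust 1.3 "Issue" request to the STS at STS_URL and returns the issued token.
/// The request acts as the token built from <paramref name="input"/>, is scoped to
/// APPLIES_TO_URL, asks for a five-minute lifetime and carries one requested claim.
/// </summary>
/// <param name="input">Value handed to BuildSecurityTokenElementFromInput to build the ActAs token.</param>
/// <returns>The security token returned by <c>WSTrustChannel.Issue</c>.</returns>
/// <remarks>
/// The client authenticates with the certificate found by
/// GetCertificateBySubjectName(LOCALHOST_CERTIFICATE_SUBJECT_NAME).
/// Exceptions from the WIF/WCF stack propagate to the caller unchanged; the channel and
/// factory are aborted in that case so the original exception is not masked.
/// </remarks>
public System.IdentityModel.Tokens.SecurityToken RequestSecurityToken(string input)
{
    // SECURITY: no ServicePointManager.ServerCertificateValidationCallback is installed here.
    // A callback that returns true for every certificate is a process-wide setting: it turns
    // off TLS server authentication for every HTTPS call in the process, so the ActAs token
    // and the issued token could be sent to, or read from, an impostor endpoint.
    // For a test STS with a private certificate, add that certificate (or its issuing CA)
    // to the machine's trust store instead of bypassing validation.

    WS2007HttpBinding binding = new WS2007HttpBinding();
    binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
    binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;

    var trustChannelFactory = new WSTrustChannelFactory(binding, new EndpointAddress(new Uri(STS_URL)));
    WSTrustChannel channel = null;
    bool completed = false;
    try
    {
        trustChannelFactory.TrustVersion = TrustVersion.WSTrust13;
        trustChannelFactory.Credentials.ClientCertificate.Certificate = GetCertificateBySubjectName(LOCALHOST_CERTIFICATE_SUBJECT_NAME);
        trustChannelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust;
        // NOTE(review): NoCheck means a revoked service certificate is still accepted.
        // Kept as in the original; prefer X509RevocationMode.Online where the revocation
        // endpoints are reachable.
        trustChannelFactory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;

        RequestSecurityToken rst = new RequestSecurityToken();
        rst.AppliesTo = new EndpointAddress(new Uri(APPLIES_TO_URL), new X509CertificateEndpointIdentity(GetCertificateBySubjectName(LOGON_SERVICE_CERTIFICATE_SUBJECT_NAME)));
        rst.ActAs = BuildSecurityTokenElementFromInput(input);
        rst.RequestType = RequestTypes.Issue;

        // Read the clock once so both ends of the lifetime share the same base instant.
        DateTime issuedAt = DateTime.UtcNow;
        rst.Lifetime = new Lifetime(issuedAt, issuedAt.AddMinutes(5));

        // NOTE(review): per the ID3257 message reported for this code, WIF serializes a claim
        // Value only when the dialect is
        // 'http://docs.oasis-open.org/wsfed/authorization/200706/authclaims'. With a custom
        // dialect and a non-null value the request is rejected during serialization.
        rst.Claims.Dialect = CLAIMS_DIALECT;
        var requestClaim = new RequestClaim(REQUEST_CLAIM_TYPE, false, REQUEST_CLAIM_VALUE);
        rst.Claims.Add(requestClaim);

        channel = (WSTrustChannel)trustChannelFactory.CreateChannel();
        RequestSecurityTokenResponse rstr = null;
        System.IdentityModel.Tokens.SecurityToken issuedToken = channel.Issue(rst, out rstr);

        // Graceful shutdown on the success path only.
        channel.Close();
        trustChannelFactory.Close();
        completed = true;
        return issuedToken;
    }
    finally
    {
        // Close() throws on a faulted communication object and would hide the real error,
        // so on any failure tear everything down with Abort(), which does not throw.
        if (!completed)
        {
            if (channel != null)
            {
                channel.Abort();
            }
            trustChannelFactory.Abort();
        }
    }
}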