private static Binding GetBinding() { var issuerBinding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential); issuerBinding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; issuerBinding.Security.Message.EstablishSecurityContext = false; var endpointAddress = new EndpointAddress("https://issueraddress/adfs/services/trust/13/usernamemixed"); var tokenParameters = WSTrustTokenParameters.CreateWS2007FederationTokenParameters(issuerBinding, endpointAddress); // This works around https://github.com/dotnet/wcf/issues/4425 until an updated // System.ServiceModel.Federation package is published. tokenParameters.KeyType = System.IdentityModel.Tokens.SecurityKeyType.SymmetricKey; return(new WSFederationHttpBinding(tokenParameters)); }
public static void WSTrustTokeParameters_WSStaticHelper() { Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; EndpointAddress issuerAddress = null; EndpointAddress serviceEndpointAddress = null; string tokenTargetAddress = null; string testString = "Hello"; ChannelFactory <IWcfService> factory = null; IWcfService serviceProxy = null; try { // *** SETUP *** \\ issuerAddress = new EndpointAddress(new Uri(Endpoints.WSFederationAuthorityLocalSTS + "wsHttp/wstrustFeb2005")); tokenTargetAddress = Endpoints.Https_SecModeTransWithMessCred_ClientCredTypeIssuedTokenSaml2 + "wsHttp/wstrustFeb2005"; serviceEndpointAddress = new EndpointAddress(new Uri(tokenTargetAddress)); var issuerBinding = new WSHttpBinding(SecurityMode.Transport); issuerBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; WSFederationHttpBinding federationBinding = new WSFederationHttpBinding(WSTrustTokenParameters.CreateWSFederationTokenParameters(issuerBinding, issuerAddress)); federationBinding.Security.Message.EstablishSecurityContext = false; factory = new ChannelFactory <IWcfService>(federationBinding, serviceEndpointAddress); factory.Credentials.UserName.UserName = "******"; // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a real secret")] factory.Credentials.UserName.Password = "******"; serviceProxy = factory.CreateChannel(); // *** EXECUTE *** \\ string result = serviceProxy.Echo(testString); // *** VALIDATE *** \\ Assert.Equal(testString, result); // *** CLEANUP *** \\ ((ICommunicationObject)serviceProxy).Close(); factory.Close(); } finally { // *** ENSURE CLEANUP *** \\ ScenarioTestHelpers.CloseCommunicationObjects((ICommunicationObject)serviceProxy, factory); } }
public void federation() { //var stsEp = new EndpointAddress("https://services-int.ehealth.fgov.be/IAM/SingleSignOnService/v1"); var stsEp = new EndpointAddress("https://localhost:8080/services/echo/soap12wss10"); var stsBinding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential); stsBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; stsBinding.Security.Message.NegotiateServiceCredential = false; stsBinding.Security.Message.EstablishSecurityContext = false; WSFederationHttpBinding binding; #if NETFRAMEWORK binding = new WSFederationHttpBinding(); binding.Security.Mode = WSFederationHttpSecurityMode.TransportWithMessageCredential; binding.Security.Message.IssuedKeyType = SecurityKeyType.AsymmetricKey; binding.Security.Message.IssuerAddress = stsEp; binding.Security.Message.IssuerBinding = stsBinding; binding.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"; ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false); binding.Security.Message.ClaimTypeRequirements.Add(ctr); #else var parameters = WSTrustTokenParameters.CreateWSFederationTokenParameters(stsBinding, stsEp); parameters.KeyType = SecurityKeyType.AsymmetricKey; parameters.TokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"; binding = new WSFederationHttpBinding(parameters); #endif var ep = new EndpointAddress("https://localhost:8080/services/echo/soap12"); ChannelFactory <IEchoService> channelFactory = new ChannelFactory <IEchoService>(binding, ep); channelFactory.Credentials.ClientCertificate.Certificate = rsa; IEchoService client = channelFactory.CreateChannel(); String pong = client.Echo("boe"); Assert.Equal("boe", pong); }
public WSFederationHttpBinding(WSTrustTokenParameters wsTrustTokenParameters) : base(System.ServiceModel.SecurityMode.TransportWithMessageCredential) { }
public WSFederationBindingElement(WSTrustTokenParameters wsTrustTokenParameters, System.ServiceModel.Channels.SecurityBindingElement securityBindingElement) { }