我已经开发了测试应用程序,其中添加了用于ADFS身份验证的.asmx文件,身份验证后,它将重定向到我原来已经开发的Web应用程序。 通用代码如下所示。 通用代码如下所示
var stsEndpoint = ConfigurationManager.AppSettings["EndPoint"];
var relayPartyUri = ConfigurationManager.AppSettings["RelayPartyUri"];
EndpointAddress epoint = new EndpointAddress(stsEndpoint);
using (var factory = new WSTrustChannelFactory(new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential), epoint) { TrustVersion = TrustVersion.WSTrust13 })
{
if (factory.Credentials != null)
{
factory.Credentials.UserName.UserName = @"Domain" + userName;
factory.Credentials.UserName.Password = password;
}
var rst = new RequestSecurityToken
{
RequestType = WSTrust13Constants.RequestTypes.Issue,
AppliesTo = new EndpointReference(relayPartyUri),
KeyType = WSTrust13Constants.KeyTypes.Bearer
};
var channel = factory.CreateChannel();
var token = channel.Issue(rst);
var genericToken = token as GenericXmlSecurityToken;
...
}
...
行变量令牌 = 通道。问题(rst(;抛出错误
Error is ID3082: The request scope is not valid or is unsupported
另外,我不确定我应该将哪个 URI 用于 RelyingPartyURI
- 我用于 ADFS 身份验证的服务 URL。 或
- 我已经开发的 Web 应用程序的 URL
请帮忙。
relayPartyUri 是应用的唯一标识符。