我正在使用 .NET Core 6,并引用了 System.ServiceModel 的 6.0 NuGet 包,其开源代码在:https://github.com/dotnet/wcf
我正在尝试从 .NET Framework 4.6 项目复制客户端绑定。有人能告诉我是否支持这些绑定吗?
<system.serviceModel>
<!-- Client-side WCF configuration from the .NET Framework 4.6 project: two bindings plus the client endpoints that use them. This excerpt contains no behaviors section, so nothing shown here overrides validation of the service certificate. -->
<bindings>
<!-- Binding used by the service endpoints: the client presents a token issued by the STS named in the issuer element. -->
<wsFederationHttpBinding>
<binding name="wsFederationHttpBindingConfiguration" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:11:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="6553600" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<!-- maxNameTableCharCount is 1638400 here but 16384 on the wsHttpBinding below; confirm the difference is intended. -->
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="1638400" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<!-- TransportWithMessageCredential: HTTPS protects the message and authenticates the service, while the client credential travels in the SOAP security header. Server authentication therefore depends on the TLS certificate check. -->
<security mode="TransportWithMessageCredential">
<!-- Requests a SAML 1.1 token with a symmetric proof key from the issuer. -->
<message algorithmSuite="Default" issuedKeyType="SymmetricKey" issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" negotiateServiceCredential="true">
<!-- The STS is reached through wsHttpBindingConfiguration and receives a ServiceContractType address header. -->
<issuer address="...SecurityTokenService.svc" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingConfiguration">
<headers>
<ServiceContractType xmlns="http://schemas.test/Contracts">ServiceContracts.ISecurityTokenService</ServiceContractType>
</headers>
</issuer>
<issuerMetadata address="...SecurityTokenService.svc/mex" />
</message>
</security>
</binding>
</wsFederationHttpBinding>
<!-- Binding referenced by the issuer element above (bindingConfiguration="wsHttpBindingConfiguration"). -->
<wsHttpBinding>
<binding name="wsHttpBindingConfiguration" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:11:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="6553600" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<security mode="TransportWithMessageCredential">
<!-- No transport-level client credential; the client identifies itself with a UserName message credential. -->
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<!-- Both client endpoints use the federation binding. The admin endpoint also sends a ServiceContractType address header. -->
<client>
<endpoint address="...location.svc" binding="wsFederationHttpBinding" bindingConfiguration="wsFederationHttpBindingConfiguration" contract="ILocationService" name="LocationServiceEndpoint" />
<endpoint address="...admin.svc" binding="wsFederationHttpBinding" bindingConfiguration="wsFederationHttpBindingConfiguration" contract="ServiceRef.IAdminService" name="AdminEndpoint">
<headers>
<!-- NOTE(review): the xmlns here is written http://schemas.test.Contracts, while the issuer header above uses http://schemas.test/Contracts; confirm which one is intended. -->
<ServiceContractType xmlns="http://schemas.test.Contracts">AdminService.Contracts.IAdminService</ServiceContractType>
</headers>
</endpoint>
</client>
</system.serviceModel>
编辑:我对 STS 的第二次调用失败并返回 500。与能够正常工作的旧版(.NET Framework)客户端相比,最大的区别是我的 .NET Core 客户端发出的请求中缺少以下元素:
<t:EncryptWith>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptWith>
<t:SignWith>http://www.w3.org/2000/09/xmldsig#hmac-sha1</t:SignWith>
<t:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</t:CanonicalizationAlgorithm>
<t:EncryptionAlgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptionAlgorithm>
//currently how i'm setting up the binding:
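/// <summary>
/// Creates the admin service client on the binding returned by <c>GetBinding()</c>,
/// sets its user name/password credentials and stores it in <c>Client</c>.
/// </summary>
private void OpenClient()
{
    // Redacted placeholder from the post. NOTE(review): EndpointAddress expects an
    // absolute URI, and TransportWithMessageCredential needs an https address.
    var AdminServiceEndpointString = "blah.adminsvc.svc";
    EndpointAddress AdminServiceEndpointAddress = new EndpointAddress(AdminServiceEndpointString);

    AdminServiceClient client = new AdminServiceClient(GetBinding(), AdminServiceEndpointAddress);

    // Presumably these are the credentials presented to the token issuer, whose
    // binding uses a UserName message credential; confirm against GetBinding().
    client.ClientCredentials.UserName.UserName = Utilities.GetUserName(DbInstanceId);
    client.ClientCredentials.UserName.Password = Utilities.GetUserPwd();

    // SECURITY(review): CertificateValidationMode.None together with
    // X509RevocationMode.NoCheck turns off validation of the service's TLS
    // certificate. With TransportWithMessageCredential the TLS channel is what
    // authenticates the server, so with this override the user name/password
    // and the issued token are no longer protected against interception on the
    // network path. Keep it only for a throwaway test endpoint; otherwise remove
    // the override or use X509CertificateValidationMode.ChainTrust with
    // X509RevocationMode.Online, trusting a test CA explicitly if one is needed.
    client.ClientCredentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication()
    {
        CertificateValidationMode = X509CertificateValidationMode.None,
        RevocationMode = X509RevocationMode.NoCheck,
    };

    Client = client;
}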
/// <summary>
/// Builds the federation binding for the service client: a WSHttpBinding for the
/// token issuer, WS-Trust token parameters that point at that issuer, and the
/// WSFederationHttpBinding created from them.
/// </summary>
/// <remarks>
/// NOTE(review): compared with the legacy configuration on this page, this code sets
/// no reader quotas and gives the issuer address no ServiceContractType header;
/// confirm whether the STS depends on either.
/// </remarks>
/// <returns>A <c>WSFederationHttpBinding</c> built from the token parameters.</returns>
private static Binding GetBinding()
{
    // Binding for the token issuer: transport security plus a message credential.
    WSHttpBinding stsBinding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
    stsBinding.CloseTimeout = TimeSpan.FromMinutes(1);
    stsBinding.OpenTimeout = TimeSpan.FromMinutes(1);
    stsBinding.ReceiveTimeout = TimeSpan.FromMinutes(10);
    stsBinding.SendTimeout = TimeSpan.FromMinutes(11);
    stsBinding.BypassProxyOnLocal = false;
    stsBinding.TransactionFlow = false;
    stsBinding.MaxBufferPoolSize = 524288;
    stsBinding.MaxReceivedMessageSize = 6553600;
    stsBinding.MessageEncoding = WSMessageEncoding.Text;
    stsBinding.TextEncoding = System.Text.Encoding.UTF8;
    stsBinding.UseDefaultWebProxy = true;

    // The caller authenticates to the issuer with a user name credential.
    var stsMessageSecurity = stsBinding.Security.Message;
    stsMessageSecurity.ClientCredentialType = MessageCredentialType.UserName;
    stsMessageSecurity.EstablishSecurityContext = true;
    // NOTE(review): on .NET Framework, Default is the Basic256 suite, which would match
    // the aes256-cbc / hmac-sha1 URIs in the legacy request; confirm for this package.
    stsMessageSecurity.AlgorithmSuite = SecurityAlgorithmSuite.Default;

    EndpointAddress stsAddress = new EndpointAddress("https://blah.SecurityTokenService.svc");

    // Start from the WS2007 federation defaults, then override the token type,
    // message security version and key type.
    WSTrustTokenParameters issuedTokenParameters =
        WSTrustTokenParameters.CreateWS2007FederationTokenParameters(stsBinding, stsAddress);
    issuedTokenParameters.TokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1";
    issuedTokenParameters.MessageSecurityVersion =
        MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;
    issuedTokenParameters.KeyType = System.IdentityModel.Tokens.SecurityKeyType.SymmetricKey;

    return new WSFederationHttpBinding(issuedTokenParameters);
}
据我所知,Core 中已经支持 WSHttpBinding 和 WSFederationHttpBinding。 此项目包括创建绑定的示例。
另外,.NET Framework WCF 与 .NET Core WCF 的一个区别在于:后者的绑定只能在代码中配置,不能在 app.config 中配置。
您可以参考以下文章,其中详细讲解了这些应用场景:
CoreWCF 1.0 已发布,WCF for .NET Core 和 .NET 5+
.NET 标准中的 WSFederationHttpBinding
希望有帮助。