Vorgehensweise: Deaktivieren sicherer Sitzungen auf einer WSFederationHttpBindingHow to: Disable Secure Sessions on a WSFederationHttpBinding

Für einige Dienste sind möglicherweise verbundene Anmeldeinformationen notwendig, sichere Sitzungen werden jedoch nicht unterstützt.Some services may require federated credentials but not support secure sessions. In diesem Fall müssen Sie die Funktion für sichere Sitzungen deaktivieren.In that case, you must disable the secure session feature. Im Gegensatz zu den < xref:System.ServiceModel.WsHttpBinding>, wird die WSFederationHttpBinding Klasse bietet keine Möglichkeit, sichere Sitzungen deaktivieren bei der Kommunikation mit einem Dienst.Unlike the < xref:System.ServiceModel.WsHttpBinding>, the WSFederationHttpBinding class does not provide a way to disable secure sessions when communicating with a service. Sie müssen vielmehr eine benutzerdefinierte Bindung erstellen, die die Einstellungen der sicheren Sitzung durch einen Bootstrap ersetzen.Instead, you must create a custom binding that replaces the secure session settings with a bootstrap.

In diesem Thema wird veranschaulicht, wie Sie das Bindungselement, das sich in einer WSFederationHttpBinding befindet, ändern können, um eine benutzerdefinierte Bindung zu erstellen.This topic demonstrates how to modify the binding elements contained within a WSFederationHttpBinding to create a custom binding. Das Ergebnis entspricht WSFederationHttpBinding mit Ausnahme der Tatsache, dass keine sicheren Sitzungen verwendet werden.The result is identical to the WSFederationHttpBinding except that it does not use secure sessions.

So erstellen Sie eine benutzerdefinierte Verbundbindung ohne sichere SitzungTo create a custom federated binding without secure session

  1. Erstellen Sie eine Instanz der WSFederationHttpBinding-Klasse, sei es imperativ im Code oder durch das Laden einer Instanz aus der Konfigurationsdatei.Create an instance of the WSFederationHttpBinding class either imperatively in code or by loading one from the configuration file.

  2. Klonen Sie WSFederationHttpBinding in CustomBinding.Clone the WSFederationHttpBinding into a CustomBinding.

  3. Suchen Sie SecurityBindingElement in CustomBinding.Find the SecurityBindingElement in the CustomBinding.

  4. Suchen Sie SecureConversationSecurityTokenParameters in SecurityBindingElement.Find the SecureConversationSecurityTokenParameters in the SecurityBindingElement.

  5. Ersetzen Sie das ursprüngliche SecurityBindingElement durch das Bootstrap-Sicherheitsbindungselement aus SecureConversationSecurityTokenParameters.Replace the original SecurityBindingElement with the bootstrap security binding element from the SecureConversationSecurityTokenParameters.

BeispielExample

Mit dem folgenden Beispielcode wird eine benutzerdefinierte Verbundbindung ohne sichere Sitzung erstellt.This following example creates a custom federated binding without secure session.

using System;
using System.Collections.Generic;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security.Tokens;
using System.Security.Permissions;
[assembly: SecurityPermission(
   SecurityAction.RequestMinimum, Execution = true)]
namespace Samples
{
    
    public sealed class CustomBindingCreator
    {
        // This method creates a CustomBinding based on a WSFederationHttpBinding which does not use secure conversation.
        public static CustomBinding CreateFederationBindingWithoutSecureSession(WSFederationHttpBinding inputBinding)
        {
            // This CustomBinding starts out identical to the specified WSFederationHttpBinding.
            CustomBinding outputBinding = new CustomBinding(inputBinding.CreateBindingElements());
            // Find the SecurityBindingElement for message security.
            SecurityBindingElement security = outputBinding.Elements.Find<SecurityBindingElement>();
            // If the security mode is message, then the secure session settings are the protection token parameters.
            SecureConversationSecurityTokenParameters secureConversation;
            if (WSFederationHttpSecurityMode.Message == inputBinding.Security.Mode)
            {
                SymmetricSecurityBindingElement symmetricSecurity = security as SymmetricSecurityBindingElement;
                secureConversation = symmetricSecurity.ProtectionTokenParameters as SecureConversationSecurityTokenParameters;
            }
            // If the security mode is message, then the secure session settings are the endorsing token parameters.
            else if (WSFederationHttpSecurityMode.TransportWithMessageCredential == inputBinding.Security.Mode)
            {
                TransportSecurityBindingElement transportSecurity = security as TransportSecurityBindingElement;
                secureConversation = transportSecurity.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
            }
            else
            {
                throw new NotSupportedException(String.Format("Unhandled security mode {0}.", inputBinding.Security.Mode));
            }
            // Replace the secure session SecurityBindingElement with the bootstrap SecurityBindingElement.
            int securityIndex = outputBinding.Elements.IndexOf(security);
            outputBinding.Elements[securityIndex] = secureConversation.BootstrapSecurityBindingElement;
            // Return modified binding.
            return outputBinding;
        }
        // It is a good practice to create a private constructor for a class that only 
        // defines static methods.
        private CustomBindingCreator() { }
        static void Main() 
        { 
            // Code not shown.
        }

    }
Imports System
Imports System.Collections.Generic
Imports System.ServiceModel
Imports System.ServiceModel.Channels
Imports System.ServiceModel.Security.Tokens
Imports System.Security.Permissions


<Assembly: SecurityPermission(SecurityAction.RequestMinimum, Execution:=True)> 



Public NotInheritable Class CustomBindingCreator

    ' This method creates a CustomBinding based on a WSFederationHttpBinding which does not use secure conversation.
    Public Shared Function CreateFederationBindingWithoutSecureSession(ByVal inputBinding As WSFederationHttpBinding) As CustomBinding
        ' This CustomBinding starts out identical to the specified WSFederationHttpBinding.
        Dim outputBinding As New CustomBinding(inputBinding.CreateBindingElements())
        ' Find the SecurityBindingElement for message security.
        Dim security As SecurityBindingElement = outputBinding.Elements.Find(Of SecurityBindingElement)()
        ' If the security mode is message, then the secure session settings are the protection token parameters.
        Dim secureConversation As SecureConversationSecurityTokenParameters
        If WSFederationHttpSecurityMode.Message = inputBinding.Security.Mode Then
            Dim symmetricSecurity As SymmetricSecurityBindingElement = CType(security, SymmetricSecurityBindingElement)
            secureConversation = CType(symmetricSecurity.ProtectionTokenParameters, SecureConversationSecurityTokenParameters)
            ' If the security mode is message, then the secure session settings are the endorsing token parameters.
        ElseIf WSFederationHttpSecurityMode.TransportWithMessageCredential = inputBinding.Security.Mode Then
            Dim transportSecurity As TransportSecurityBindingElement = CType(security, TransportSecurityBindingElement)
            secureConversation = CType(transportSecurity.EndpointSupportingTokenParameters.Endorsing(0), SecureConversationSecurityTokenParameters)
        Else
            Throw New NotSupportedException(String.Format("Unhandled security mode {0}.", inputBinding.Security.Mode))
        End If
        ' Replace the secure session SecurityBindingElement with the bootstrap SecurityBindingElement.
        Dim securityIndex As Integer = outputBinding.Elements.IndexOf(security)
        outputBinding.Elements(securityIndex) = secureConversation.BootstrapSecurityBindingElement
        ' Return modified binding.
        Return outputBinding

    End Function

    ' It is a good practice to create a private constructor for a class that only 
    ' defines static methods.
    Private Sub New()

    End Sub 'New

    Shared Sub Main()

    End Sub 'Main
End Class 'CustomBindingCreator ' Code not shown.

Kompilieren des CodesCompiling the Code

  • Um das Codebeispiel zu kompilieren, erstellen Sie ein Projekt, das auf die System.ServiceModel.dll-Assembly verweist.To compile the code example, create a project that references the System.ServiceModel.dll assembly.

Siehe auchSee Also

Bindungen und SicherheitBindings and Security