如何在web.config中为CustomBinding配置TransportSecurityBindingElement？

Question

我有以下的（减少）的代码，我想通过一个web.config

var security = new TransportSecurityBindingElement(); 
security.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UserNameSecurityTokenParameters()); 

var binding = new CustomBinding(security); 

是否有可能配置来配置这个自定义使用web配置结合？如果可能的话，我如何配置支持令牌参数的端点？我已经试过以下配置，但它不验证对DotNetConfig.xsd：

<system.serviceModel> 
    <bindings> 
    <customBinding> 
     <binding name="SomeBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"> 
     <transportSecurity> <!-- Fails validation --> 
      <!-- How do I configure the EndpointSupportingTokenParameters -->    
     </transportSecurity> 
     </binding> 
    </customBinding> 
    </bindings> 
    <client> 
    ... 
    </client> 
</system.serviceModel> 

Answer 1

我认为你只是用customBinding/security，也许UserNameOverTransport的authenticationMode：

<system.serviceModel> 
    <bindings> 
     <customBinding> 
     <binding> 
      <security authenticationMode="UserNameOverTransport" /> 
     </binding> 
     </customBinding> 
    </bindings> 
</system.serviceModel> 

做不到这一点，你可以尝试手动添加令牌issuedTokenParameters：

<system.serviceModel> 
    <bindings> 
     <customBinding> 
     <binding> 
      <security authenticationMode="UserNameOverTransport"> 
       <issuedTokenParameters tokenType="http://schemas.microsoft.com/ws/2006/05/identitymodel/tokens/UserName" /> 
      </security> 
     </binding> 
     </customBinding> 
    </bindings> 
</system.serviceModel> 

（tokenType从UserNameSecurityTokenParameters被盗）

说实话，这可能是非常麻烦，只是在代码中执行它更容易。如果您需要根据环境的不同，请在配置中定义工厂并使用DI来使用它来创建绑定。