问题
I have this CustomBinding:
var sec = new AsymmetricSecurityBindingElement(
new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.Never),
new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.AlwaysToRecipient));
sec.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
sec.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
sec.IncludeTimestamp = true;
sec.SetKeyDerivation(false);
sec.KeyEntropyMode = System.ServiceModel.Security.SecurityKeyEntropyMode.ServerEntropy;
sec.EnableUnsecuredResponse = true;
CustomBinding myBinding = new CustomBinding();
myBinding.Elements.Add(sec);
myBinding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));
myBinding.Elements.Add(new HttpsTransportBindingElement());
I would like to add some SAML assertions like this:
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" saml:ID="authorization-assertion" saml:IssueInstant="2020-11-12T09:10:27Z" saml:Version="2.0" wsu:Id="authorization-assertion" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:assertion saml-schema-assertion-2.0.xsd">
<saml:Issuer>COMPANY</saml:Issuer>
<saml:Subject>
<saml:nameID>02942630753.localhost.com</saml:nameID>
</saml:Subject>
<saml:AuthzDecisionStatement Decision="Permit" Resource="IDocument">
<saml:Action Namespace="http://FSE/IDocumentService"/>
</saml:AuthzDecisionStatement>
<saml:AttributeStatement/>
</saml:Assertion>
I thought I might use: myBinding.Elements.Add(), But I don't know how to construct the Assertion element.
回答1:
As I said yesterday on your previous posting to read a template from a file. You can also put it in code like code below using xml linq. If you read from a file replace the Parse() method with Load() method. :
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml;
using System.Xml.Linq;
namespace ConsoleApplication1
{
class Program
{
const string FILENAME = @"c:\temp\test.xml";
static void Main(string[] args)
{
string assertion =
"<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"" +
" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"" +
" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"" +
" saml:ID=\"authorization-assertion\"" +
" saml:IssueInstant=\"2020-11-12T09:10:27Z\"" +
" saml:Version=\"2.0\"" +
" wsu:Id=\"authorization-assertion\"" +
" xsi:schemaLocation=\"urn:oasis:names:tc:SAML:2.0:assertion saml-schema-assertion-2.0.xsd\">" +
"<saml:Issuer>COMPANY</saml:Issuer>" +
"<saml:Subject>" +
"<saml:nameID>02942630753.localhost.com</saml:nameID>" +
"</saml:Subject>" +
"<saml:AuthzDecisionStatement Decision=\"Permit\" Resource=\"IDocument\">" +
"<saml:Action Namespace=\"http://FSE/IDocumentService\"/>" +
"</saml:AuthzDecisionStatement>" +
"<saml:AttributeStatement/>" +
"</saml:Assertion>";
XDocument doc = XDocument.Parse(assertion);
}
}
}
来源:https://stackoverflow.com/questions/64832860/add-saml-assertion-to-a-custom-binding