I would have thought that one could basically switch the client credentials from this:
var clientCredentials = new ClientCredentials();
clientCredentials.UserName.UserName = "MyUserName"
clientCredentials.UserName.Password = "MyPassword"
to:
var clientCredentials = new ClientCredentials();
clientCredentials.ClientCertificate.Certificate = myX509Certificate;
and then create a wsTrustChannel to get a security token.
wsTrustChannelFactory.SetCredentials(clientCredentials);
var channel = _wsTrustChannelFactory.CreateChannel(new EndpointAddress(endpointAddress));
var token = channel.Issue(new RequestSecurityToken
{
TokenType = tokenType,
AppliesTo = new EndpointReference(realm),
RequestType = RequestTypes.Issue,
KeyType = KeyTypes.Bearer
}, out requestSecurityTokenResponse);
The username and password work fine, just using the certificate complains that there's no UserName specified. I was under the impression that the token issuer would look up the associated user from the certificate. Where am I going wrong here?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…