Un prêt non garanti ou mal sécurisé faute a été reçue de l'autre partie.(Lors du travail avec SAML )

Je suis nouveau service web WCF. actuellement je travaille sur un fédéré service web avec la fédération de liaison(SAML) .J'ai pris l'aide de MSDN exemples sur "Jeton SAML Fournisseur".mais le problème est que je ne suis pas en mesure de consommer le service ,lorsque je consomme, il jette "chirographaire ou mal sécurisé faute a été reçue de l'autre partie" à l'intérieur des exception comme "Une erreur s'est produite lors du traitement de l'jetons de sécurité dans le message."

c'est mon fichier de configuration web à côté serveur

 <?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
</system.web>
<system.serviceModel>
<bindings>
<wsFederationHttpBinding>
<binding name="Binding1">
<security mode="Message" >
<message negotiateServiceCredential ="false" issuedKeyType ="AsymmetricKey" 
issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
</message>
</security>
</binding>
<!-- Binding that expect SAML tokens with Asymmetric proof keys -->
<binding name="Binding2">
<security mode="Message">
<message negotiateServiceCredential ="false"
issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
</message>
</security>
</binding>
</wsFederationHttpBinding>
</bindings>
<services>
<!--<service name="MobileInterfaceWCFService.MobileService" behaviorConfiguration="MobileInterfacebehavior">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="basic_http" contract="MobileInterfaceWCFService.IMobileInterface" />
</service>
<service name ="MobileInterfaceWCFService.MobileService" behaviorConfiguration="MobileInterfaceWCFService.Service1Behavior">
<endpoint address="" binding="wsHttpBinding" contract="MobileInterfaceWCFService.IMobileInterface" bindingName="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService" bindingConfiguration="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service> -->
<service name ="MobileInterfaceWCFService.MobileService" behaviorConfiguration="MobileInterfaceWCFService.SamlTokenBehavior">
<endpoint address="" binding="wsFederationHttpBinding" contract="MobileInterfaceWCFService.IMobileInterface" bindingName="Binding1" bindingConfiguration="Binding1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
<client>
<endpoint address="http://host-root/MobileSharedWebService/MobileSharedWebService.svc" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService" contract="ServiceReference1.ITMMobileSharedWebService" name="wsHttpBinding_ITMNetWCFService_ITMMobileSharedWebService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>
<behaviors>
<serviceBehaviors>
<behavior name="MobileInterfacebehavior">
<!--<serviceMetadata httpGetEnabled="true" />-->
</behavior>
<behavior name="MobileInterfaceWCFService.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<!--    <serviceMetadata httpGetEnabled="true"/> -->
<!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
<behavior name="MobileInterfaceWCFService.SamlTokenBehavior">
<serviceMetadata httpGetEnabled="true"  /> 
<!-- 
The serviceCredentials behavior allows one to define a service certificate.
A service certificate is used by a client to authenticate the service and provide message protection.
This configuration references the "localhost" certificate installed during the setup instructions.
-->
<serviceCredentials>
<!-- Set allowUntrustedRsaIssuers to true to allow self-signed, asymmetric key based SAML tokens -->
<issuedTokenAuthentication allowUntrustedRsaIssuers ="false" >
<!-- Add Alice to the list of certs trusted to issue SAML tokens -->
<knownCertificates>
<add storeLocation="LocalMachine" 
storeName="TrustedPeople"
x509FindType="FindBySubjectName"
findValue="Alice"/>
</knownCertificates>
</issuedTokenAuthentication>
<serviceCertificate storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName"
findValue="localhost"  />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<handlers accessPolicy="Read, Script" />
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
<asp enableParentPaths="true" />
</system.webServer>
<system.diagnostics>
<sources>
<source name="System.ServiceModel"
switchValue="Information, ActivityTracing"
propagateActivity="true">
<listeners>
<add name="traceListener"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData= "c:\log\Traces.svclog" />
</listeners>
</source>
</sources>
</system.diagnostics>
</configuration>

voici mon fichier de config au consommateur final

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsFederationHttpBinding>
<binding name="Binding1_IMobileInterface"  >
<security mode="Message">
<message issuedKeyType="AsymmetricKey"      issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
negotiateServiceCredential="false"  >   
</message>
</security>
</binding>
</wsFederationHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/WCF_MobileInterface/MobileService.svc"
binding="wsFederationHttpBinding" bindingConfiguration="Binding1_IMobileInterface"
contract="ServiceReference1.IMobileInterface" name="Binding1_IMobileInterface">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>

Note: j'ai essayé toutes les solutions qui ont été liés à la même type d'erreur/problème sur stackoverflow ainsi que sur google, mais a été incapable de résoudre le problème

Tout rapide aide sera appréciée

merci d'avance

InformationsquelleAutor dreamweiver | 2013-02-04