自定义 Saml2SecurityTokenHandler - 令牌序列化程序无法序列化
为了简单起见,我实现了以下类:
public class CustomUserNamePasswordValidatorSecurityTokenHandler : UserNameSecurityTokenHandler {}
并且我启用了它的配置(并启用了正确的 configSection):
<microsoft.identityModel>
<service>
<securityTokenHandlers>
<clear />
<add type="CustomUserNamePasswordValidatorSecurityTokenHandler" />
</securityTokenHandlers>
</service>
</microsoft.identityModel>
并对我的 STS 收益执行实际的 RP 调用(在服务跟踪查看器中):
令牌序列化程序无法序列化“Microsoft.IdentityModel.Tokens.SessionSecurityToken”。如果这是自定义类型,您必须提供自定义序列化程序。
如果我注释掉配置(因此不应用令牌处理程序),则一切正常。我如何提供这个自定义序列化器?
注意:这个帖子但是我没有看到解决方案。
For the sake of simplicity, I've implemented the following class:
public class CustomUserNamePasswordValidatorSecurityTokenHandler : UserNameSecurityTokenHandler {}
And I've enabled it configuration (and enabled proper configSection):
<microsoft.identityModel>
<service>
<securityTokenHandlers>
<clear />
<add type="CustomUserNamePasswordValidatorSecurityTokenHandler" />
</securityTokenHandlers>
</service>
</microsoft.identityModel>
And performing an actual RP call against my STS yields (in service trace viewer):
The token Serializer cannot serialize 'Microsoft.IdentityModel.Tokens.SessionSecurityToken'. If this is a custom type you must supply a custom serializer.
If I comment out the configuration (so no token handler applys), everything works fine. How do I supply this custom serializer?
NOTE: There's a couple references to the issue in this thread however I don't see the resolution.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
删除 securityTokenHandler 部分上的
Removing the
<clear />on the securityTokenHandler section should suffice (I editied may answer on your other question accordingly, sorry).<clear />removes all by default registered handlers (e.g. for the SessionSecurityToken).