Posted onby

Configuring the WCF application config file, client configuration and certificates locations.

Resource Code Resource String; ABindingInstanceHasAlreadyBeenAssociatedTo1: A binding instance has already been associated to listen the specified uniform resource.


WCF application config file

IcoreserviceIcoreservice location

We are starting from configuration like this:

  • フルディスクアクセスについて macOS 10.14(Mojave)から、VirusBarrierおよびPersonal Backupがお使いのメールやメッセージ、Safariのファイル、その他のユーザデータにアクセスするためにはフルディスクアクセスが必要となりました。.
  • What CoreService binding are you using? UI is talking to windows service TCM Service Host, however you may choose either windows service or IIS based core service. In order for event system to be initialized you need to restart the hosting process (either windows service or IIS reset).

As we can see we are starting with one WCF service ICoreService that does not need any authentication.

To enable authentication using Atomia Identity in this file we will add config section for microsoft.identity.

In this config file few things are important to note:

  • line 09 – We define with which issuer our WCF application has trusted relation.
  • line 17 – Defines value of which token type will be interpreted as username.
  • line 18 – Defines value of which token type will be interpreted as users role.

Now, we should configure our service to use federated authentication:

  • Line 06 – Defines that we use now wsFederationHttpBinding.
  • Lines 19 to 31 – Describes federated http bindings setting.
    • Lines 23 to 26 – What claim types we are requesting from Atomia Identity for our WCF.
    • Lines 27 and 28 – Defines location of identity provider for.

On the STS side we should add RP (Rely party) certificate and inform STS that for given URI should use that certificate. This is done in two steps:

1. Set which RpCertProvider to use for given RP URI.

Icoreservice Location

2. For AtomiaRpCertProvider set how to find certificate.

Of course, you will have to install that certificate on given location.

Client configuration


If we now update service reference on client side Visual Studio will generate config file like:


If you look line 24 you will see that is set what is address of STS server but its not set how to authenticate to this service. We will need to update that line like:

Now we should add new bindingConfiguration:

With this binding configuration we have set how the client will be authenticated to the STS.

Certificates locations

If we assume that certificate for Atomia Identity is AtomiaIdentity.cer and certificates for RP are WCFService.cer andWCFService.pfx locations for them will be:

  1. On STS Side:
    1. WCFService.cer => LocalComputer TrustedPeople
  2. On RP Side:
    1. AtomiaIdentity.cer => LocalComputer Trusted root certificate authorities
    2. AtomiaIdentity.cer => LocalComputer Trusted people
    3. WCFService.pfx => LocalComputer Personal
  3. On client side:
    1. WCFService.cer => LocalComputer Trusted root certificate authorities