Configuring the WCF application config file, client configuration and certificates locations.
Resource Code Resource String; ABindingInstanceHasAlreadyBeenAssociatedTo1: A binding instance has already been associated to listen the specified uniform resource.
WCF application config file
We are starting from configuration like this:
- フルディスクアクセスについて macOS 10.14（Mojave）から、VirusBarrierおよびPersonal Backupがお使いのメールやメッセージ、Safariのファイル、その他のユーザデータにアクセスするためにはフルディスクアクセスが必要となりました。.
- What CoreService binding are you using? UI is talking to windows service TCM Service Host, however you may choose either windows service or IIS based core service. In order for event system to be initialized you need to restart the hosting process (either windows service or IIS reset).
As we can see we are starting with one WCF service
ICoreService that does not need any authentication.
To enable authentication using
Atomia Identity in this file we will add config section for
In this config file few things are important to note:
- line 09 – We define with which issuer our WCF application has trusted relation.
- line 17 – Defines value of which token type will be interpreted as username.
- line 18 – Defines value of which token type will be interpreted as users role.
Now, we should configure our service to use federated authentication:
- Line 06 – Defines that we use now wsFederationHttpBinding.
- Lines 19 to 31 – Describes federated http bindings setting.
- Lines 23 to 26 – What claim types we are requesting from
Atomia Identityfor our WCF.
- Lines 27 and 28 – Defines location of identity provider for.
On the STS side we should add RP (Rely party) certificate and inform STS that for given URI should use that certificate. This is done in two steps:
1. Set which RpCertProvider to use for given RP URI.
2. For AtomiaRpCertProvider set how to find certificate.
Of course, you will have to install that certificate on given location.
If we now update service reference on client side Visual Studio will generate config file like:
If you look line 24 you will see that is set what is address of STS server but its not set how to authenticate to this service. We will need to update that line like:
Now we should add new bindingConfiguration:
With this binding configuration we have set how the client will be authenticated to the STS.
If we assume that certificate for Atomia Identity is
AtomiaIdentity.cer and certificates for RP are
WCFService.pfx locations for them will be:
- On STS Side:
WCFService.cer => LocalComputer TrustedPeople
- On RP Side:
AtomiaIdentity.cer => LocalComputer Trusted root certificate authorities
AtomiaIdentity.cer => LocalComputer Trusted people
WCFService.pfx => LocalComputer Personal
- On client side:
WCFService.cer => LocalComputer Trusted root certificate authorities