tags:

views:

330

answers:

0
+1  Q: 

Why doesn't WSDL from WCF service include the custom binding for the STS?

I'm writing a C# WCF service that publishes an endpoint using a WSHttpFederationBinding. We have our own security token server providing tokens, for which callers need to use a custom binding.

This is all working fine for a C# client I've written: this has a custom binding in its app.config like so:

<bindings>
  <customBinding>
    <binding name="CustBind">
      <security authenticationMode="UserNameForCertificate" requireDerivedKeys="true"
                messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
                requireSecurityContextCancellation="false"
                requireSignatureConfirmation="false">
        <secureConversationBootstrap/>
      </security>
      <httpTransport/>
    </binding>
  </customBinding>
  <wsFederationHttpBinding>
    <binding name="FedBind">
      <security>
        <message issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
                 negotiateServiceCredential="false">
          <issuer address="http://STSHost/MySTS" binding="customBinding"
                  bindingConfiguration="CustBind">
            <identity>
              <certificateReference x509FindType="FindBySubjectName" findValue="localhost"/>
            </identity>
          </issuer>
        </message>
      </security>
    </binding>
  </wsFederationHttpBinding>
</bindings>

However, what I want is for users to be able to generate their own clients in whatever language they want, just given the WSDL that the WCF service publishes. The problem with this is that when I try such a thing with Developer Studio's "Add Service Reference" functionality, the resulting client doesn't work.

The reason it doesn't work is because the generated client's app.config is clearly wrong: while the STS is there in the "issuer" element, there's no sign of the custom binding. Looking at the WSDL this isn't too surprising, as there's no mention of anything there other than the issuer address.

Is there any way to get WCF to add something to the WSDL to describe this situation? My server's app.config bindings look okay to me: the "issuer" element is exactly the same as for the working client, including the address and details of the custom binding. Does anyone know why WCF seems to be ignoring this when generating the WSDL?

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability