Adding UPN to resource moniker

Topics: Technical Questions
Mar 31, 2009 at 7:08 AM
Edited Apr 2, 2009 at 9:01 AM
Hi,
I looked at the security sample for adding a DNS name to the resource and changed it to add a UPN instead.

Here's the code where I set the UPN:

public override TChannel CreateChannel(EndpointAddress address, Uri via)
{
    EndpointAddress newAddress = address;
    if (!string.IsNullOrEmpty(_settings.UserPrincipalName))
    {
        // Use the configured UPN as the expected identity of the resource endpoint.
        EndpointIdentity epIdentity = EndpointIdentity.CreateUpnIdentity(_settings.UserPrincipalName);
        newAddress = new EndpointAddress(address.Uri, epIdentity, address.Headers);
    }

    return base.CreateChannel(newAddress, via);
}

But I'm getting an error when I make the call:
The entry found in AuthenticationManager's CustomTargetNameDictionary for https://<snip> does not match the requested identity of <snip>

I've created a test client where I make two calls, one directly to the resource endpoint and one through MSE. I've made sure that I use the same UPN.

Any suggestions?

Best regards,
Mats

Update:

I managed to fix the error; I was missing some configuration when I was creating my new EndpointAddress.

I added two parameters to the constructor and it started to work:
newAddress = new EndpointAddress(
    address.Uri,
    epIdentity,
    address.Headers,
    address.GetReaderAtMetadata(),
    address.GetReaderAtExtensions());

Btw, you should set up some contrib project where we users can add extensions like this. I'm guessing I'm not the only one who needs a UPN.
/Mats

Developer
Apr 6, 2009 at 9:28 PM
Hi Mats.  Glad you were able to identify the problem.  This may be something we need to update in the Security Guide sample source code to ensure it works for broader scenarios.

Our current plan is to have these forums be the conduit for the community to share their extensions and custom policies... Not the greatest format, but you can reference your own blog or favorite shared storage site to provide more information and share source code.