WCF 自定义绑定 - 无法使用自定义授权策略获取元数据

在解决了我之前的问题后，我想将netTcpBinding转换为自定义绑定，我成功地管理了它。但是，当我设置自定义授权策略时，WcfTestClient（和普通客户端）在尝试提取元数据时会出错（没有它就可以正常工作！

我的配置：

<serviceAuthorization principalPermissionMode="Custom">
        <authorizationPolicies>
          <add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
        </authorizationPolicies>

我在MSDN（这里：http://social.msdn.microsoft.com/Forums/en-IE/wcf/thread/80a33bc6-0765-45f6-8af5-0a414a5cc40d）上读到这可能是因为还需要自定义授权管理器。我尝试了这个并添加了CustomAuthorizationManager（CheckAccessCore总是返回true），但它不起作用。

这在配置中添加为：

    <serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="Sample.Tools.CustomAuthorizationManager, Sample">
        <authorizationPolicies>
          <add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
        </authorizationPolicies>

配置的其余部分：

捆绑：

<customBinding>
      <binding name="SampleBinding" receiveTimeout="00:05:00">
        <transactionFlow/>
        <security authenticationMode="SecureConversation" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
                <localClientSettings maxClockSkew="23:59:59" />
                <localServiceSettings maxClockSkew="23:59:59" />
           </secureConversationBootstrap>                   
            <localClientSettings maxClockSkew="23:59:59" />
            <localServiceSettings maxClockSkew="23:59:59" />
        </security>
        <binaryMessageEncoding/>
        <tcpTransport transferMode="Buffered" portSharingEnabled="true" maxReceivedMessageSize="65536" hostNameComparisonMode="StrongWildcard"/>
      </binding>
    </customBinding>

行为：

<behavior name="SampleBehavior">
      <serviceMetadata httpGetEnabled="false" />
      <serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true" httpsHelpPageEnabled="true" />
        <serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="Sample.Tools.CustomAuthorizationManager, Sample">
        <authorizationPolicies>
          <add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
        </authorizationPolicies>
      </serviceAuthorization>
      <serviceCredentials>
        <serviceCertificate findValue="MySample" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Sample.Tools.CustomUserNameValidator, Sample" />
      </serviceCredentials>
      <serviceThrottling maxConcurrentCalls="2147483647" maxConcurrentSessions="2147483647" maxConcurrentInstances="2147483647" />
    </behavior>

服务业：

<services>
    <service behaviorConfiguration="SampleBehavior"
    name="Sample.SampleService">
    <endpoint address="" 
              binding="customBinding" 
              bindingConfiguration="SampleBinding"
              name="MyServiceEndpoint" 
              contract="Sample.ISampleService">
        <identity>
            <dns value="localhost" />
        </identity>
    </endpoint>
    <endpoint address="mex" 
              binding="mexTcpBinding" 
              bindingConfiguration=""
              name="MyServiceMexTcpBidingEndpoint" 
              contract="IMetadataExchange" />
        <host>
            <baseAddresses>
                <add baseAddress="net.tcp://localhost:809/SampleService.svc" />
            </baseAddresses>
        </host>
    </service>
</services>    

我几乎被困在这里，关于这个问题几乎没有什么可找的。