ProtectionScenario 枚举

定义

ProtectionScenario 枚举指定此策略强制实施的保护方案。The ProtectionScenario enumeration specifies the protection scenario enforced by the policy.

public enum class ProtectionScenario
public enum ProtectionScenario
type ProtectionScenario = 
Public Enum ProtectionScenario
继承
ProtectionScenario

字段

TransportSelected 0

此传输将在安全保护方案和标准保护方案之间进行选择,具体取决于所使用的通道的类型。The transport will select between a secure and standard protection scenario depending on the type of channel used. 对于安全保护,将在安全通道中包装集成 Windows 身份验证,并包含无需执行服务提供程序名称 (SPN) 验证的精确匹配的通道绑定令牌。For secure protection, integrated Windows authentication is wrapped in a secure channel and has an exactly matching channel binding token with no Service Provider Name (SPN) validation. 对于标准保护,可以选择在带可选通道绑定令牌的安全通道中包装集成 Windows 身份验证,但必须执行 SPN 验证。For standard protection, integrated Windows authentication is optionally wrapped in a secure channel with an optional channel binding token and SPN validation is required. 因此,如果请求是通过安全通道传入的,则检查通道绑定令牌 (CBT);否则检查 SPN。So if the request comes through a secure channel, the channel binding token (CBT) is checked, otherwise the SPN is checked.

TrustedProxy 1

在由受信任的代理终结的安全通道中包装集成 Windows 身份验证,并且包含需要 SPN 验证的通道绑定令牌。Integrated Windows authentication is wrapped in a secure channel terminated by a trusted proxy and has a channel binding token with SPN validation required. 这要求存在 CBT,但在检查 SPN 时不会检查 CBT。This requires the presence of a CBT, but the CBT is not checked while the SPN is checked.

适用于