SecurityContext SecurityContext SecurityContext SecurityContext Class

定義

表示佇列中訊息的安全性內容。Represents the security context for a message in a queue.

public ref class SecurityContext sealed : IDisposable
public sealed class SecurityContext : IDisposable
type SecurityContext = class
    interface IDisposable
Public NotInheritable Class SecurityContext
Implements IDisposable
繼承
SecurityContextSecurityContextSecurityContextSecurityContext
實作

備註

安全性內容包含快取的安全性資訊,例如憑證和寄件者識別碼附加到訊息,要求驗證時所需的內部憑證對應的私密金鑰,使用者的 SID。The security context contains cached security information such as an internal certificate, the corresponding private key, the user's SID, needed to attach a certificate and the sender identifier to a message when requesting authentication.

如果用戶端,例如 ASP.NET 應用程式,模擬使用者,以將訊息傳送至佇列時,使用者的身分識別用來存取佇列。If a client, such as an ASP.NET application, impersonates a user to send a message to a queue, the identity of the user is used to access the queue. 如果遠端佇列,這些認證會快取,並接著傳送至佇列的訊息時使用。If the queue is remote, these credentials are cached and used for messages that are subsequently sent to the queue. 因此,在後續的訊息中的 SID 會將訊息傳送至佇列的第一個使用者的快取身分識別。Therefore, the SID in subsequent messages will be the cached identity of the first user that sent a message to the queue. 將訊息傳送至佇列的第一個使用者的快取身分識別會用於後續的使用者。The cached identity of the first user that sent a message to the queue will be used for subsequent users.

若要解決這個問題,將設定安全性內容使用SecurityContext之前傳送訊息到遠端的佇列,以確保目前的使用者認證會用來存取佇列。To overcome this problem, set the security context using SecurityContext before sending a message to a remote queue to ensure that the current user's credentials are used to gain access to the queue. 不過,建議的最佳作法是:However, the suggested best practice is to:

  1. 請驗證的佇列的佇列。Make the queue an authenticated queue.

  2. 做為網域身分識別執行 ASP.NET 應用程式,並授權該應用程式寫入至佇列。Run the ASP.NET application as a domain identity and authorize that application to write to the queue.

  3. 不會模擬使用者時使用的佇列。Do not impersonate the user when using the queue. 相反地,取得呼叫者身分識別,然後執行授權檢查 ASP.NET 應用程式中或是訊息中包含呼叫者身分識別,然後執行簽入接收者應用程式的授權。Instead, get the caller's identity and either perform authorization checking in the ASP.NET application or include the caller's identity as part of the message and perform authorization checking in the receiver application.

方法

Dispose() Dispose() Dispose() Dispose()

釋放 SecurityContext 所使用的所有資源。Releases all resources used by the SecurityContext.

Equals(Object) Equals(Object) Equals(Object) Equals(Object)

判斷指定的物件是否等於目前的物件。Determines whether the specified object is equal to the current object.

(Inherited from Object)
Finalize() Finalize() Finalize() Finalize()
GetHashCode() GetHashCode() GetHashCode() GetHashCode()

做為預設雜湊函式。Serves as the default hash function.

(Inherited from Object)
GetType() GetType() GetType() GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(Inherited from Object)
MemberwiseClone() MemberwiseClone() MemberwiseClone() MemberwiseClone()

建立目前 Object 的淺層複本 (Shallow Copy)。Creates a shallow copy of the current Object.

(Inherited from Object)
ToString() ToString() ToString() ToString()

傳回代表目前物件的字串。Returns a string that represents the current object.

(Inherited from Object)

適用於