SecurityContext SecurityContext SecurityContext SecurityContext Class

定義

表示佇列中訊息的安全性內容。Represents the security context for a message in a queue.

public ref class SecurityContext sealed : IDisposable
public sealed class SecurityContext : IDisposable
type SecurityContext = class
    interface IDisposable
Public NotInheritable Class SecurityContext
Implements IDisposable
繼承
SecurityContextSecurityContextSecurityContextSecurityContext
實作

備註

安全性內容包含快取的安全性資訊, 例如內部憑證、對應的私密金鑰、使用者的 SID, 這是在要求驗證時將憑證和傳送者識別碼附加至訊息所需的。The security context contains cached security information such as an internal certificate, the corresponding private key, the user's SID, needed to attach a certificate and the sender identifier to a message when requesting authentication.

如果用戶端 (例如 ASP.NET 應用程式) 模擬使用者將訊息傳送至佇列, 則會使用使用者的身分識別來存取佇列。If a client, such as an ASP.NET application, impersonates a user to send a message to a queue, the identity of the user is used to access the queue. 如果佇列在遠端, 這些認證會被快取, 並用於後續傳送至佇列的訊息。If the queue is remote, these credentials are cached and used for messages that are subsequently sent to the queue. 因此, 後續訊息中的 SID 將是傳送訊息至佇列之第一個使用者的快取身分識別。Therefore, the SID in subsequent messages will be the cached identity of the first user that sent a message to the queue. 將訊息傳送至佇列的第一個使用者快取的識別將會用於後續的使用者。The cached identity of the first user that sent a message to the queue will be used for subsequent users.

若要解決這個問題, 請在將訊息SecurityContext傳送至遠端佇列之前使用設定安全性內容, 以確保使用目前使用者的認證來取得佇列的存取權。To overcome this problem, set the security context using SecurityContext before sending a message to a remote queue to ensure that the current user's credentials are used to gain access to the queue. 不過, 建議的最佳作法是:However, the suggested best practice is to:

  1. 將佇列設為已驗證的佇列。Make the queue an authenticated queue.

  2. 以網域身分識別執行 ASP.NET 應用程式, 並授權該應用程式寫入至佇列。Run the ASP.NET application as a domain identity and authorize that application to write to the queue.

  3. 使用佇列時, 請勿模擬使用者。Do not impersonate the user when using the queue. 相反地, 請取得呼叫者的身分識別, 並在 ASP.NET 應用程式中執行授權檢查, 或在接收者應用程式中包含呼叫者的身分識別做為訊息的一部分, 並執行授權檢查。Instead, get the caller's identity and either perform authorization checking in the ASP.NET application or include the caller's identity as part of the message and perform authorization checking in the receiver application.

方法

Dispose() Dispose() Dispose() Dispose()

釋放 SecurityContext 所使用的所有資源。Releases all resources used by the SecurityContext.

Equals(Object) Equals(Object) Equals(Object) Equals(Object)

判斷指定的物件是否等於目前的物件。Determines whether the specified object is equal to the current object.

(Inherited from Object)
Finalize() Finalize() Finalize() Finalize()
GetHashCode() GetHashCode() GetHashCode() GetHashCode()

做為預設雜湊函式。Serves as the default hash function.

(Inherited from Object)
GetType() GetType() GetType() GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(Inherited from Object)
MemberwiseClone() MemberwiseClone() MemberwiseClone() MemberwiseClone()

建立目前 Object 的淺層複本 (Shallow Copy)。Creates a shallow copy of the current Object.

(Inherited from Object)
ToString() ToString() ToString() ToString()

傳回代表目前物件的字串。Returns a string that represents the current object.

(Inherited from Object)

適用於