HttpListener.DefaultServiceNames 屬性


取得由已註冊前置詞所決定之服務提供者名稱 (SPN) 的預設清單。Gets a default list of Service Provider Names (SPNs) as determined by registered prefixes.

 property System::Security::Authentication::ExtendedProtection::ServiceNameCollection ^ DefaultServiceNames { System::Security::Authentication::ExtendedProtection::ServiceNameCollection ^ get(); };
public System.Security.Authentication.ExtendedProtection.ServiceNameCollection DefaultServiceNames { get; }
member this.DefaultServiceNames : System.Security.Authentication.ExtendedProtection.ServiceNameCollection
Public ReadOnly Property DefaultServiceNames As ServiceNameCollection


ServiceNameCollection,包含 SPN 清單。A ServiceNameCollection that contains a list of SPNs.


DefaultServiceNames 屬性會與整合式 Windows 驗證搭配使用,以提供擴充保護。The DefaultServiceNames property is used with integrated Windows authentication to provide extended protection. 當將新的前置詞新增至 Prefixes 屬性時,會從 Prefixes 屬性初始化 Spn 清單。The list of SPNs is initialized from the Prefixes property when accessed and cleared when new prefixes are added to the Prefixes property.

如果應用程式未在其擴充保護原則上設定 [CustomServiceNames] 屬性,則會使用 [DefaultServiceNames] 屬性。The DefaultServiceNames property is used if an application doesn't set the CustomServiceNames property on its extended protection policy.

使用 DefaultServiceNames 屬性抓取的 ServiceNameCollection 是根據下列規則從 Prefixes 屬性建立的:The ServiceNameCollection that is retrieved with the DefaultServiceNames property is built from the Prefixes property according to the following rules:

  1. 如果主機名稱為 "+"、"*" 或 IPv4 或 IPv6 常值(相當於 "*",但僅限於特定的本機介面),則會新增下列 SPN:If the hostname is "+", "*", or an IPv4 or IPv6 literal (equivalent to "*" but restricted to a specific local interface), the following SPN is added:

"HTTP/" 加上電腦的完整功能變數名稱。"HTTP/" plus the fully qualified domain name of the computer.

  1. 如果主機名稱未包含任何點(沒有網域或子域),則會嘗試使用 DNS 解析完整功能變數名稱(HttpWebRequest所使用的相同行為)。If the hostname contains no dots (no domains or subdomains), an attempt is made to resolve the fully-qualified domain name using DNS (the same behavior used by HttpWebRequest). 如果可以解析完整功能變數名稱,則會新增下列 Spn:If the fully-qualified domain name can be resolved, the following SPNs are added:

"HTTP/" 加上主機名稱(簡短名稱)。"HTTP/" plus the hostname (the short name).

"HTTP/" 加上主機名稱的完整功能變數名稱。"HTTP/" plus the fully qualified domain name for the hostname.

  1. 如果主機名稱不包含點(沒有網域或子域),而且無法解析完整功能變數名稱,則會新增下列 SPN:If the hostname contains not dots (no domains or subdomains) and a fully-qualified domain name can't be resolved, the following SPN is added:

"HTTP/" 加上主機名稱。"HTTP/" plus the hostname.

  1. 如果主機名稱包含點(網域或子域),則會新增下列 SPN:If the hostname contains dots (domains or subdomains), the following SPN is added:

"HTTP/" 加上主機名稱。"HTTP/" plus the hostname.

如果未提供任何自訂清單,應用程式可以使用 DefaultServiceNames 屬性來檢查預設 Spn 的清單,以用於驗證。The DefaultServiceNames property can be used by an application to review the list of default SPNs which will be used for authentication if no custom list is supplied. 如果需要其他 Spn,應用程式可以使用其中一個 Merge 方法來新增它們。If other SPNs are needed, an application can add them using one of the Merge methods.

使用 [擴充保護] 根據要求的 URL 來做出原則決策並不安全,因為這可能是偽造的。It is not safe when using extended protection to make policy decisions based on the requested URL, since this can be spoofed. 相反地,應用程式應該依賴 LocalEndPointRemoteEndPoint 屬性來進行這類的原則決策。Rather, applications should rely on the LocalEndPoint or RemoteEndPoint properties to make such policy decisions.