SpnEndpointIdentity 類別

定義

當繫結使用 Kerberos 時,代表身分識別的服務主要名稱 (SPN)。Represents a service principal name (SPN) for an identity when the binding uses Kerberos.

public ref class SpnEndpointIdentity : System::ServiceModel::EndpointIdentity
public class SpnEndpointIdentity : System.ServiceModel.EndpointIdentity
type SpnEndpointIdentity = class
    inherit EndpointIdentity
Public Class SpnEndpointIdentity
Inherits EndpointIdentity
繼承
SpnEndpointIdentity

範例

下列程式碼說明建立本類別執行個體的常用方式。The following code shows one common way to create an instance of this class.

static EndpointIdentity CreateIdentity()
 {
     WindowsIdentity self = WindowsIdentity.GetCurrent();
     SecurityIdentifier sid = self.User;

     EndpointIdentity identity = null;

     if (sid.IsWellKnown(WellKnownSidType.LocalSystemSid) ||
         sid.IsWellKnown(WellKnownSidType.NetworkServiceSid) ||
         sid.IsWellKnown(WellKnownSidType.LocalServiceSid))
     {
         identity = EndpointIdentity.CreateSpnIdentity(
             String.Format(CultureInfo.InvariantCulture, "host/{0}", GetMachineName()));
     }
     else
     {
         // Need an UPN string here
         string domain = GetPrimaryDomain();
         if (domain != null)
         {
             string[] split = self.Name.Split('\\');
             if (split.Length == 2)
             {
                 identity = EndpointIdentity.CreateUpnIdentity(split[1] + "@" + domain);
             }
         }
     }

     return identity;
 }
Private Shared Function CreateIdentity() As EndpointIdentity
     Dim self As WindowsIdentity = WindowsIdentity.GetCurrent()
     Dim sid As SecurityIdentifier = self.User

     Dim identity As EndpointIdentity = Nothing

     If sid.IsWellKnown(WellKnownSidType.LocalSystemSid) OrElse sid.IsWellKnown(WellKnownSidType.NetworkServiceSid) OrElse sid.IsWellKnown(WellKnownSidType.LocalServiceSid) Then
         identity = EndpointIdentity.CreateSpnIdentity(String.Format(CultureInfo.InvariantCulture, "host/{0}", GetMachineName()))
     Else
         ' Need an UPN string here
         Dim domain As String = GetPrimaryDomain()
         If domain IsNot Nothing Then
             Dim split() As String = self.Name.Split("\"c)
             If split.Length = 2 Then
                 identity = EndpointIdentity.CreateUpnIdentity(split(1) & "@" & domain)
             End If
         End If
     End If

     Return identity
End Function

備註

SPN 是用戶端用來唯一識別服務執行個體的名稱。An SPN is the name by which a client uniquely identifies an instance of a service. 若您透過樹系在電腦上安裝多個服務執行個體,則每個執行個體都須有自己的 SPN。If you install multiple instances of a service on computers throughout a forest, each instance must have its own SPN. 若用戶端需使用多個名稱進行驗證,則指定的服務執行個體可擁有多個 SPN。A given service instance can have multiple SPNs if there are multiple names that clients might use for authentication.

當用戶端要連接服務時,它會尋找服務執行個體,編出該執行個體的 SPN,並將身分識別設為 SpnEndpointIdentityWhen a client wants to connect to a service, it locates an instance of the service, composes an SPN for that instance, and sets the identity to a SpnEndpointIdentity. 會檢查該訊息是否要傳給該服務。A check will be made that the message is intended for that service.

Kerberos 使用的三種驗證模式為︰The three authentication modes used under Kerberos are:

  • SSPINegotiateSSPINegotiate

  • KerberosKerberos

  • KerberosOverTransport.KerberosOverTransport.

建構函式

SpnEndpointIdentity(Claim)

使用指定的身分識別宣告,初始化 SpnEndpointIdentity 類別的新執行個體。Initializes a new instance of SpnEndpointIdentity with the specified identity claim.

SpnEndpointIdentity(String)

使用指定的服務主要名稱 (SPN),初始化 SpnEndpointIdentity 類別的新執行個體。Initializes a new instance of SpnEndpointIdentity with the specified service principal name (SPN).

屬性

IdentityClaim

取得對應到身分識別的身分識別宣告。Gets the identity claim that corresponds to the identity.

(繼承來源 EndpointIdentity)
SpnLookupTime

指定查閱服務主要名稱 (SPN) 所允許的最長時間。Specifies the maximum time allowed to look up the service principal name (SPN).

方法

Equals(Object)

傳回值,這個值會判斷指定的物件是否與目前的身分識別物件相等,或是否擁有相同的安全性屬性。Returns a value that determines whether a specified object is equal to the current identity object or if they have equal security properties.

(繼承來源 EndpointIdentity)
GetHashCode()

針對身分識別目前的執行個體提供雜湊程式碼。Provides a hash code for the current instance of the identity.

(繼承來源 EndpointIdentity)
GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(繼承來源 Object)
Initialize(Claim)

使用指定的宣告初始化 EndpointIdentityInitializes an EndpointIdentity with the specified claim.

(繼承來源 EndpointIdentity)
Initialize(Claim, IEqualityComparer<Claim>)

使用指定的宣告及介面來初始化 EndpointIdentity 並比較是否相等。Initializes an EndpointIdentity with the specified claim and an interface and compares equality.

(繼承來源 EndpointIdentity)
MemberwiseClone()

建立目前 Object 的淺層複製。Creates a shallow copy of the current Object.

(繼承來源 Object)
ToString()

傳回身分識別。Returns the identity.

(繼承來源 EndpointIdentity)

適用於