C# servicePrincipalName 应该有什么值?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1292183/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What value should the servicePrincipalName have?
提问by
I'm trying to set up client impersonation on my service.
我正在尝试在我的服务上设置客户端模拟。
I need to set a value for the servicePrincipalName of my services endPoint
我需要为我的服务端点的 servicePrincipalName 设置一个值
I'm looking at this MSDN articlebut still cannot quite figure it out
我正在看这篇MSDN 文章,但仍然无法弄清楚
My service is hosted in a console app on a server that we'll call ServerName1.
The Uri is: net.tcp://ServerName1:9990/TestService1/.
我的服务托管在我们称为 ServerName1 的服务器上的控制台应用程序中。
Uri 是:net.tcp://ServerName1:9990/TestService1/。
What specifically should my servicePrincipalName be?
我的 servicePrincipalName 应该是什么?
I tried, with no joy:
我试过,没有任何乐趣:
<identity>
<servicePrincipalName value="ServerName1" />
</identity>
回答by Rune FS
The name of the user you wish the service to user (execute under). So if you want to execute it under 'local network' credentials the above XML should look like:
您希望为用户提供服务的用户名(在其下执行)。因此,如果您想在“本地网络”凭据下执行它,上述 XML 应如下所示:
<identity>
<servicePrincipalName value="Local Network" />
</identity>
回答by Bogdan_Ch
Configuring servicePrincipleName is a difficult topic to describe it in a few words Perhaps these articles will help:
配置 servicePrincipleName 是一个很难用几句话来描述的话题,也许这些文章会有所帮助:
Most probably, you need to configure it the following way
很可能,您需要按以下方式配置它
<identity>
<servicePrincipalName value="HOST/ServerName1:9990" />
</identity>
We usually use userPrincipalName instead of servicePrincipalName, like this
我们通常使用 userPrincipalName 而不是 servicePrincipalName,像这样
<identity>
<userPrincipalName value="[email protected]" />
</identity>
回答by Geert
For a complete guide on how to build your SPN, check out these articles:
有关如何构建 SPN 的完整指南,请查看以下文章:
Those are more about the infrastructure side (ADDS) but the first part is very usefull for programmers too
这些更多是关于基础设施方面(ADDS),但第一部分对程序员也非常有用
回答by antonio
When using WCF services hosted by IIS.
使用 IIS 托管的 WCF 服务时。
We have using "host/computerName", as <servicePrincipalName />, for anonymous connection. Inside of your WCF application, you can set the application pool, for example "iis apppool\defaultAppPool", this user will be the real connected user.
我们使用 "host/computerName", as<servicePrincipalName />进行匿名连接。在你的 WCF 应用程序内部,你可以设置应用程序池,例如“iis apppool\defaultAppPool”,这个用户将是真正的连接用户。
In the below image /C??????DataService is the application name ("Tom's TestService1") Application Pool: C????Pool can be "DefaultAppPool", in the case of "Application User (pass-through authentication)", you will use the "IIS AppPool\DefaultAppPool" as a user to grant rights to specific resource, like a file or a sql server connection string.
在下图中,/C??????DataService 是应用程序名称(“Tom's TestService1”)应用程序池:C????Pool 可以是“DefaultAppPool”,在“应用程序用户(传递身份验证)”的情况下)”,您将使用“ IIS AppPool\DefaultAppPool”作为用户授予特定资源的权限,例如文件或 sql server 连接字符串。
And, even using anonymous authentication, you can set "forms authorization", to an specific resource inside the WCF application, for example "MasterSettings.svc".
而且,即使使用匿名身份验证,您也可以将“表单授权”设置为 WCF 应用程序内的特定资源,例如“MasterSettings.svc”。
hope this helps
希望这可以帮助
