WCF Client default SPN generation

谁说我不能喝 提交于 2020-01-07 03:17:08

问题


How does WCF client generates target Service's SPN dynamically to get the kerberos ticket in Spnego Use case? For example, if the target service is running under domain machine account, SPN associated with the Service would be in the form 'host/machinename'.

If we try to call the service using wcf client, wcf client is able to get the ticket for host/machinename. I initially thought that wcf client might be using hardcoded string host/+domainname by default.

But If I change the target service to run under domain user and associate SPN named "http/machinename" with the domain user, wcf client is still able to generate the ticket for this service successfully.

How does WCF client decides whether to use prefix 'host/' or 'http/' in these scenarios.

I know that there is a way to add custom spn on the client side under endpoint element but I'm interested to know how it works by default.


回答1:


The default is host/myhostname for Windows credential type. This is also the expected SPN while running the WCF service with a machine account.

Note that the WSDL will include the Identity (e.g. SPN), so the WCF client can use that information while connecting. Check the WCF Test Client Config file to see what is actually generated.



来源:https://stackoverflow.com/questions/24966779/wcf-client-default-spn-generation

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!