[英]Kerberos - What is an SPN and why is it used
I am trying to setup SPNEGO in Jetty using these instructions: https://wiki.eclipse.org/Jetty/Howto/Spnego . 我正在尝试使用以下说明在Jetty中设置SPNEGO: https : //wiki.eclipse.org/Jetty/Howto/Spnego 。
What I would like to know is what is the SPN (from googling it looks like some sort of alias) and why is it actually used? 我想知道什么是SPN(通过谷歌搜索它看起来像某种别名),为什么要实际使用它? (ie what does it add - extra security? if so - why?)
(即,它增加了什么-额外的安全性?如果是的话-为什么?)
Thanks. 谢谢。
SPN is the Service Principal Name and is by no means a side characeter in Kerberos. SPN是服务主体名称,决不是Kerberos中的辅助字符。 Basically, it is the equivalent of the username, but for the server side.
基本上,它等效于用户名,但用于服务器端。 The Ticket-Granting Service knows about all Service Principals and their passwords, and encrypts the Service Ticket with that password.
票证授予服务知道所有服务主体及其密码,并使用该密码对服务票证进行加密。 In order to acquire a Service Ticket for a certain service, obviously you must know its SPN.
为了获得某种服务的服务票,显然您必须知道其SPN。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.