Bewerken

Share via


HttpListener.DefaultServiceNames Property

Definition

Gets a default list of Service Provider Names (SPNs) as determined by registered prefixes.

public:
 property System::Security::Authentication::ExtendedProtection::ServiceNameCollection ^ DefaultServiceNames { System::Security::Authentication::ExtendedProtection::ServiceNameCollection ^ get(); };
public System.Security.Authentication.ExtendedProtection.ServiceNameCollection DefaultServiceNames { get; }
member this.DefaultServiceNames : System.Security.Authentication.ExtendedProtection.ServiceNameCollection
Public ReadOnly Property DefaultServiceNames As ServiceNameCollection

Property Value

A ServiceNameCollection that contains a list of SPNs.

Remarks

The DefaultServiceNames property is used with integrated Windows authentication to provide extended protection. The list of SPNs is initialized from the Prefixes property when accessed and cleared when new prefixes are added to the Prefixes property.

The DefaultServiceNames property is used if an application doesn't set the CustomServiceNames property on its extended protection policy.

The ServiceNameCollection that is retrieved with the DefaultServiceNames property is built from the Prefixes property according to the following rules:

  1. If the hostname is "+", "*", or an IPv4 or IPv6 literal (equivalent to "*" but restricted to a specific local interface), the following SPN is added:

"HTTP/" plus the fully qualified domain name of the computer.

  1. If the hostname contains no dots (no domains or subdomains), an attempt is made to resolve the fully-qualified domain name using DNS (the same behavior used by HttpWebRequest). If the fully-qualified domain name can be resolved, the following SPNs are added:

"HTTP/" plus the hostname (the short name).

"HTTP/" plus the fully qualified domain name for the hostname.

  1. If the hostname contains not dots (no domains or subdomains) and a fully-qualified domain name can't be resolved, the following SPN is added:

"HTTP/" plus the hostname.

  1. If the hostname contains dots (domains or subdomains), the following SPN is added:

"HTTP/" plus the hostname.

The DefaultServiceNames property can be used by an application to review the list of default SPNs which will be used for authentication if no custom list is supplied. If other SPNs are needed, an application can add them using one of the Merge methods.

It is not safe when using extended protection to make policy decisions based on the requested URL, since this can be spoofed. Rather, applications should rely on the LocalEndPoint or RemoteEndPoint properties to make such policy decisions.

Applies to

See also