zoukankan      html  css  js  c++  java
  • DCOM和RPC,两者的认证过程有什么区别?

    I had similar question about DCOM/RPC authentication. Having studied for several days, i got conclusion:

    1. Although DCOM/RPC claim they support several authentication mechanism, but ironically, DCOM/RPC themselves have not provided any inline login dialog(such as showed when access Shared Folder of server). DCOM/RPC client infrastructure have not provided any common way to store authentication settings externally(such as Windows Credential Store), this is very inconvenient.
    2. If client user is logged in as a domain user and server is also in the domain or the client user/password are also valid in server's local account db, the identity will be used by default.
    3. When DCOM/RPC use Named Pipe as transport, it is built on top of SMB protocol(port 445), the client must first authenticate by run command "net use \\SERVER /user:USER" then input password" or enter \\SERVER in explorer to login to server, otherwise simply "Access Denied".
    4. When DCOM/RCP use TCP transport(port 135), The client must set user/password... in COAUTHINFO of DCOM's CoGetClassObject or RPC_AUTH_IDENTITY_HANDLE of RPC's RpcBindingSetAuthInfo, otherwise treated as "ANONYMOUS LOGON" in server side, but most likely, finally cause "Access Denied" due to DCOMCNFG default ACL settings.
    5. DCOM component's authentication method and ACL settings can be controlled by DCOMCNFG external utility, at machine-level or component-level, at anytime. But RPC component can not, instead, they can only be defined when create RPC component.
    6. DCOM component's ACL settings can be further strengthened by use "Set Limits" in DCOMCNFG utility, "Set Limits" let use control maximum possible permissions forcibly for each DCOM component.
  • 相关阅读:
    Java + Element-UI 实现简单的树形菜单
    简单了解一下 Nginx
    使用阿里云 OSS 存储、访问图片(Java)
    JSR 303 进行后台数据校验
    SpringBoot 常用注解
    12、js——轮播图
    11、js——定时调用和延时调用
    11、js——BOM
    10、js——事件
    9、js——样式相关的操作
  • 原文地址:https://www.cnblogs.com/jjkv3/p/15727687.html
Copyright © 2011-2022 走看看