{"id":306,"date":"2018-04-07T19:30:17","date_gmt":"2018-04-07T11:30:17","guid":{"rendered":"https:\/\/rol801.com\/wordpress\/?p=306"},"modified":"2018-04-07T19:38:26","modified_gmt":"2018-04-07T11:38:26","slug":"kerberos-double-hop","status":"publish","type":"post","link":"https:\/\/rol801.com\/wordpress\/?p=306","title":{"rendered":"Kerberos Double Hop Setup \u5099\u5fd8"},"content":{"rendered":"

\"\"<\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

Kerberos –\u00a0\u5c0d\u65bc\u81ea\u5df1\u569f\u8b1b\u53eb\u505a\u5e38\u7528\uff0c\u4f46\u4fc2\u6709\u6642\u5019\u90fd\u6703\u5fd8\u8a18\u4e00\u5572\u7279\u5225\u5605Implementation \u65b9\u6cd5\u3002Double Hop \u6b63\u6b63\u4fc2\u81ea\u5df1\u6703\u5fd8\u8a18\u5605\u4e00\u7a2e\u3002<\/p>\n

\u5148\u8b1b\u54a9\u4fc2 Single Hop \uff0f Double Hop\u3002<\/p>\n

\"\"<\/p>\n

 <\/p>\n

\u9867\u540d\u601d\u7fa9 Single Hop > \u5e73\u5e38 \u5e38\u7528\u5605\u5ea6\u6cd5\uff0c\u597d\u4f3cShare Point\u5481
\nDouble Hop > \u540cSingle Hop \u5605\u5225\u5c31\u4fc2\u6703\u518d\u7528Kerberos\u53bbConnect \u53e6\u4e00\u500bSource\u3002 \uff08\u6ce8\u610f\uff1a\u4fc2\u5169\u6b21Kerberos\uff0c\u6211\u6703\u5e38\u5e38\u5fd8\u8a18\u5605\u5c31\u4fc2\u7b2c\u4e8c\u5c64\u7121\u7528Kerberos\u5605\u99c1\u6cd5\u800cFail Error 401)<\/p>\n

\u4e0b\u9762\u7b2c\u4e00\u689dReference URL \u4fc2\u975e\u5e38\u6e05\u6670Setup Guide\u3002<\/p>\n

\u800c\u5e38\u7528Kerberos Hop\u4fc2 IIS Virtual Directory\u6307\u4fc2 UNC Path<\/p>\n

\u81ea\u5df1\u559c\u6b61\u7528\u5605\u65b9\u6cd5\u540cArticle \u8b1b\u5605\u6709\u5572\u5514\u540c<\/p>\n

\u5230\u6cd5\u5982\u4e0b –
\nIIS WebSite \u6703\u7528\u53e6\u4e00\u500b\u540d\uff0c \u5c0f\u7528\u672c\u8eabServer Host Name
\nApplication Pool\u5605Identity \u6703\u7528\u53e6\u4e00\u500bService Account\uff0c\u800c\u5514\u6703\u4fc2Default Built-In Account \u5605 ApplicationPoolIdentity\uff0c\u4ea6\u9700\u8981\u7528 Setspn register Web Server \u5605 SPN \uff08\u7dca\u8a18\u4fc2Web Server \u5c07\u6703\u7528\u5605\u540d\uff09<\/p>\n

\u4fc2\u6703\u7528Kerberos Auth\u5605IIS Website\uff1eAuthentication\uff1eWindows Authentication\uff1eAdvanced Settings > unTick “Enable Kernel-Mode Authentication”\u3002<\/p>\n

\u540c\u57cbWebsite \u5605Configuration Editor > “system.webServer\/security\/authentication\/windowsAuthentication” > “UseAppPoolCrentials” set\u505a”True”<\/p>\n

Windows Authentication \u5165\u9762\u5605Provider\u6703\u63c0
\nNegotiate:Kerberos
\nNegotiate
\nOptional: NTLM (\u5982\u679cWebsite\u78ba\u5b9a\u53ea\u6703\u7528Kerberos\uff0c\u53ef\u4ee5\u5514\u7528NTLM)<\/p>\n

\u4ea6\u5514\u597d\u5fd8\u8a18\uff0cASP.NET Impersonation \u4fc2\u5fc5\u9808\u8981Enable\uff0cDisable “Basic Authentication” & “Anonymous Authentication”<\/p>\n

\u6700\u5f8c \u4fc2\u52a0VirtualDirectory\uff0c\u5373\u5c07\u8981\u7528UNC Path\u5605\u505a\u7b2c\u4e8c\u500bHop\u5605Target\u3002\u4fc2\u7528\\\\host.domain.com \u800c\u5514\u4fc2\\\\IP Address, \u7528IP Address \u5fc5\u5b9a\u6703Fail<\/p>\n

\u81ea\u5df1\u5605\u505a\u6cd5\u5c31\u4fc2\u5481\u3002
\n\u4e4b\u5f8c\u5c31\u53ef\u4ee5\u4fc2Domain Joined PC\u4e0a\u9762\u8a66\u3002\u4fc2Command Prompt\u6253”Klist” \u6703\u898b\u5230\u99c1\u53bbWebServer \u5605Kerberos Ticket<\/p>\n

Reference<\/p>\n

https:\/\/blogs.msdn.microsoft.com\/chiranth\/2014\/04\/17\/setting-up-kerberos-authentication-for-a-website-in-iis\/<\/a><\/p>\n

https:\/\/blogs.technet.microsoft.com\/askds\/2008\/06\/13\/understanding-kerberos-double-hop\/<\/a><\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

        Kerberos –\u00a0\u5c0d\u65bc\u81ea\u5df1\u569f\u8b1b\u53eb\u505a\u5e38\u7528\uff0c\u4f46\u4fc2\u6709\u6642\u5019\u90fd\u6703\u5fd8\u8a18\u4e00\u5572\u7279\u5225\u5605Implementation \u65b9\u6cd5\u3002Double Hop \u6b63\u6b63\u4fc2\u81ea\u5df1\u6703\u5fd8\u8a18\u5605\u4e00\u7a2e\u3002 \u5148\u8b1b\u54a9\u4fc2 Single Hop \uff0f Double Hop\u3002   \u9867\u540d\u601d\u7fa9 Single Hop > \u5e73\u5e38 \u5e38\u7528\u5605\u5ea6\u6cd5\uff0c\u597d\u4f3cShare Point\u5481 Double Hop > \u540cSingle Hop \u5605\u5225\u5c31\u4fc2\u6703\u518d\u7528Kerberos\u53bbConnect \u53e6\u4e00\u500bSource\u3002 \uff08\u6ce8\u610f\uff1a\u4fc2\u5169\u6b21Kerberos\uff0c\u6211\u6703\u5e38\u5e38\u5fd8\u8a18\u5605\u5c31\u4fc2\u7b2c\u4e8c\u5c64\u7121\u7528Kerberos\u5605\u99c1\u6cd5\u800cFail Error 401) \u4e0b\u9762\u7b2c\u4e00\u689dReference URL \u4fc2\u975e\u5e38\u6e05\u6670Setup Guide\u3002 \u800c\u5e38\u7528Kerberos Hop\u4fc2 IIS Virtual Directory\u6307\u4fc2 UNC Path \u81ea\u5df1\u559c\u6b61\u7528\u5605\u65b9\u6cd5\u540cArticle \u8b1b\u5605\u6709\u5572\u5514\u540c \u5230\u6cd5\u5982\u4e0b – IIS WebSite \u6703\u7528\u53e6\u4e00\u500b\u540d\uff0c \u5c0f\u7528\u672c\u8eabServer Host Name Application … Continue reading “Kerberos Double Hop Setup \u5099\u5fd8”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"class_list":["post-306","post","type-post","status-publish","format-standard","hentry","category-it"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p71O8A-4W","jetpack-related-posts":[{"id":285,"url":"https:\/\/rol801.com\/wordpress\/?p=285","url_meta":{"origin":306,"position":0},"title":"\u63a5\u9023\u795e\u79d8Config\u6bd4\u6539\u52d5\u4e8b\u4ef6 I & II ……. Kerberos Auth","author":"rol801","date":"February 10, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u7e7c\u4e8c\u661f\u671f\u524d\u51fa\u73feExchange Server CBA vDirectory \u88ab\u5514\u6b63\u5e38\u5730disable Apphost settings\u00a0\u7531True\u8b8aFalse\u5f8c \u4fc2\u524d\u65e5\u518d\u51fa\u73fe\u795e\u79d8\u4e8b\u4ef6\u3002\u4eca\u6b21\u4fc2\u5169\u500b OKTA Connector \u540c\u6642disconnect\uff0c\u5f15\u767c\u5b8c\u5168\u7121\u6cd5Login\u4e4b\u5916\uff0c\u5c31\u4fc2OKTA IWA(Integrated Windows Authentication) Agent Website\u00a0\u7528\u4f5cKerberose \u5605SPN\u7a81\u7136\u6d88\u5931\u3002 \u6240\u4ee5\u4eca\u6b21\u5462\u500b\u5beb\u5605IIS Configure Kerberos Auth\u5605\u6eab\u6545\u77e5\u65b0 \u4e0b\u9762Reference\u5605Website\u503c\u5f97\u4e00\u7747\u3002\u4f46\u4fc2\u60f3\u7279\u5225\u63d0\u51fa\u8981\u7559\u610f\u5605\u6709\u4ee5\u4e0b \u4fc2\u958b\u5605IIS Website\u6703\u7528Service Account\u4ee5\u5514\u7528Default \u5605Application Pool Identity\uff0c\u5c0d\u5f80\u5f8ccreate SPN\u6703\u5bb9\u6613\u63a7\u5236 \u4fc2IIS\u5605Configuration Editor,\"system.webServer > security > authentication > windowsAuthentication\",\u5165\u9762\u5605 \"useAppPoolCredentials\"\u00a0\u8981Set\u505aTrue \u6700\u5f8c\uff0c\u5982\u679c\u65b0Configure\u5605IIS Website\u540cServer\u672c\u8eab\u6a5f\u540d\u5514\u540c Sample \u6a5f\u540d\u539f\u672c\u4fc2 \"ServerA.domain.local\" \uff0c \u4f46\u4fc2\u65b0IIS WebSite\u2026","rel":"","context":"In "IT"","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/logo-500px-300x300.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":295,"url":"https:\/\/rol801.com\/wordpress\/?p=295","url_meta":{"origin":306,"position":1},"title":"Azure AD Seamless SSO","author":"rol801","date":"February 28, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 Seamless SSO\uff0c\u4e00\u500b\u66fe\u7d93\u89ba\u5f97\u597d\u96e3\u597d\u96e3\u5605\u6771\u6771\u3002\u4f46\u4fc2\u7d93\u904e\u5462\u5169\u4e09\u5e74\u524dConfigure Kerberos\uff0c\u540c\u958b\u59cb\u63a5\u89f8SAML\u5f8c\u5f97\u5230\u5605\u7d93\u9a57\u3002 Seamless SSO\u5514\u518d\u4fc2\u5481\u96e3\u4ee5\u89f8\u6478\u3002 \u7b2c\u4e00\uff0c\u90fd\u4fc2\u8981\u591a\u8b1d\u6211\u54cb\u5049\u5927\u5605Microsoft\u3002Azure AD\u4fc2\u4e0a\u5e74\u4e5d\u6708\u5de6\u53f3\u5605Update\u3002 Pass-Through Authentication\u3002Microsoft \u89e3\u91cbBenefit\u4fc2Authentication\u6703\u8fd4\u8fd4OnPremises AD\u505a\uff0c\u53ef\u4ee5\u5514\u9700\u8981\u958bPassword Sync\u3002 \u4fc2\u53e6\u4e00\u65b9\u9762\uff0c\u96d6\u7136\u5df2\u7d93\u6709ADFS WAP\uff0c\u4f46\u4fc2\u4fc2DMZ\u5605\u95dc\u4fc2\uff0c\u4fc2\u7121join AD\u3002\u6240\u4ee5Azure Pre-Authentication\u4fc2\u7528\u5514\u5230\u3002\u4fc2\u53e6\u4e00\u65b9\u9762\uff0c\u96d6\u7136\u5df2\u7d93\u6709ADFS WAP\uff0c\u4f46\u4fc2\u4fc2DMZ\u5605\u95dc\u4fc2\uff0c\u4fc2\u7121join AD\u3002\u6240\u4ee5Azure Pre-Authentication\u4fc2\u7528\u5514\u5230\u3002\u4f46\u4fc2\u7528Application Proxy Connector\u5c31\u7121\u5462\u500b\u9650\u5236\u3002Application Proxy Connector\u53ef\u4ee5\u5b89\u88dd\u4fc2\u4efb\u4f55\u4e00\u90e8Domain Joined Server\u3002\u4fc2\u5462\u500b\u56e0\u7d20\u4e4b\u4e0b\uff0cMachine Account \u884c Kerberos\u5c31\u7d55\u5c0d\u7121\u96e3\u5ea6\u3002 \u6b65\u9a5f\u53ef\u4ee5\u7167\u8ddfMicrosoft\u3002\u8b02\u7368\u6709\u4e00\u500bStep\u4ee4\u6211\u7279\u5225\u7559\u610f\uff0c\u56e0\u70ba\u540c\u4ee5\u5f80Configure KCD\u5514\u540c\u3002Common\u4fc2Delegation - \"Trust this computer for delegation to specified services only\" \u4e0b\u9762\u5605Section\u4fc2\u63c0\u00a0\"Kerberos only\"\uff0c\u4f46\u4fc2\u4eca\u6b21Config Application Proxy Delegation\u4fc2\u7528\"Use Any\u2026","rel":"","context":"In "Azure AD"","block_context":{"text":"Azure AD","link":"https:\/\/rol801.com\/wordpress\/?cat=14"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/microsoft-azure-640x401.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/microsoft-azure-640x401.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/microsoft-azure-640x401.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":134,"url":"https:\/\/rol801.com\/wordpress\/?p=134","url_meta":{"origin":306,"position":2},"title":"\u521d\u8a66SAML\u5927\u96c6\u6703 ….. 1.OKTA 2.Sales Force 3.ADFS","author":"rol801","date":"October 15, 2016","format":false,"excerpt":"\u00a0 \u7d55\u5c0d\u4fc2\u65b0\u6311\u6230 !!!!! SAML\u00a0\u00a0\u00a0\u00a0\u00a0 \u4e00\u76f4\u4fc2\u4ee5\u5f80\u5514\u591a\u6562\u53bb\u6382\u5605\u91ce\u3002\u76f8\u6bd4Kerberos\uff0cSAML\u6709\u81ea\u5df1\u89ba\u5f97\u597d\u96e3\u7747\u5605XML (Recursive xml\uff09\u3002\u8ad7\u8d77\u90fd\u6015\u6015\u3002\u6015\u6015\u3002 \u57fa\u5982\u569f\u7dca\u597d\u9ad8\u6a5f\u6703\u8981\u7528\u540c\u81ea\u5df1\u5605\u672a\u96e8\u7da2\u7e46\uff0c\u6c7a\u5b9a\u653e\u624b\u7747\u7747\u4f62...... \u7b2c\u4e00\u4fc2\u6435\u7528\u5605IdP\uff08Identity Provider) \u540cSP(Service Provider) \u96d6\u7136\u5df2\u7d93\u6709ADFS\u4fc2\u5230\u53ef\u7528\uff0c \u4f46\u4fc2ADFS\u5514\u4fc2\u5462\u500b\u4eca\u6b21Buildup\u6700\u521d\u6703\u7528\u5605\u3002 SalesForce\u5df2\u77e5\u5605\u4fc2\u5927\u8def\u5605Service Provider\u3002\u3002 Production \u8981\u9322\u7121\u53ef\u80fd\u3002\u4f46\u4fc2Developer Edition\u4fc2\u5169\u500bUser\u514d\u8cbb \uff0c\u672a\u6435\u5230\u6709\u7121Support\u3002 \u8d85\u5b64\u5bd2\u3002\u3002\u3002\u3002 \u5df2IdP\u4fc2\u6435\u5605\u7576\u4e2d\u7747\u5230OKTA\u3002\u3002 \u4f62\u5c0d\u6bd4\u597d\u5572\u3002 \u4e09\u500bApp\uff0c\u4e00\u767e\u500bUser\u4fc2\u6c38\u4e45\u514d\u8cbb\uff0c\u4ea6\u6709Support\u3002 \u597d\u5572 \u597d\u3002\u3002\u3002 \u6e96\u5099\u5b8c\u6210\u3002\u3002 \u958b\u5de5 \u5927\u81f3\u4e0a\u5605Concept AD \u4fc2Identity\u00a0 Source\uff0c \u6700\u521d\u4ee4\u81ea\u5df1\u4e82\u5605\u4fc2\u9ede\u958bOKTA\u5605UserID. \u56e0\u70ba\u4fc2\u672a\u5b89OKTA Agent\u540cAD link\u57cb\u4e4b\u524d\u3002 OKTA \u81ea\u5df1\u5605user account\u90fd\u4fc2\u7528\u540c\u4e00\u500bdomain suffix. Password \u4e00\u6a23\u6703\u96e3\u53bb\u78ba\u5b9a\u3002 \u4f46\u4fc2\u767c\u73fe\u7576\u5b89\u5b8cOKTA Agent match \u597duser\u4e4b\u5f8c\u3002 \u4fc2\u5f97\u8fd4AD password. \u5373\u4fc2\u5514\u9700\u8981\u6435account \u505alocal\u2026","rel":"","context":"In "ADFS"","block_context":{"text":"ADFS","link":"https:\/\/rol801.com\/wordpress\/?cat=13"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/10\/ADFSSalesforceConfig.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/10\/ADFSSalesforceConfig.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/10\/ADFSSalesforceConfig.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/10\/ADFSSalesforceConfig.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/10\/ADFSSalesforceConfig.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":201,"url":"https:\/\/rol801.com\/wordpress\/?p=201","url_meta":{"origin":306,"position":3},"title":"Exchange 2013 EAS \/ EWS Multi Instance\u5f8c\u7e8c","author":"rol801","date":"May 21, 2017","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u57fa\u65bc\u4fc2\u4e00\u90e8Exchange CAS\u4e4b\u5167\u540c\u610f\u53ef\u4ee5\u7528\u5514\u540c\u5605Authentication Method (Password, Kerberos, Certificate) \u3002 \u800c\u767c\u73feExchange EWS\u4fc2\u6703\u5169\u500binstance \u540c\u6642response(Password Auth \/ Certificate Auth) \uff0c \u908a\u6210Outlook Client \u7576\u8981\u7528Web Service\u505anotification\u5605\u6642\u5019\uff0cIIS\u51fa\u73fe Error 500 0 64\u3002 \"POST \/EWS\/Exchange.asmx - 443 - 10.0.1.35 Microsoft+Office\/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.7927;+Pro) - 500 0 64 15\" \u4f46\u4fc2\u9ede\u89e3\u5462\uff1f \u4fc2\u7121\u4eba\u8b1bEWS Multi Instance\u5605\u60c5\u6cc1\u4e4b\u4e0b\uff0c\u6435\u5de6\u56db\u65e5\u90fd\u7121\u54a9\u982d\u7cb9\u3002 \u65b9\u5411\u6539\u8b8a\u8ad7\u5982\u4f55\u4ee4Outlook \u53ea\u6435Default \u500bEWS\uff0c\u800cMobileDevice \u65e2Mail Profile \u56e0\u70ba\u7531MDM\u2026","rel":"","context":"In "IT"","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2016\/08\/images.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":313,"url":"https:\/\/rol801.com\/wordpress\/?p=313","url_meta":{"origin":306,"position":4},"title":"Kerberos Double Hop Setup \u5099\u5fd8 – Part 2","author":"rol801","date":"April 9, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u4eca\u65e5\u7e7c\u7e8c\u8a66\u843d\u53bb\uff0c\u5c31\u767c\u73fe\u81ea\u5df1\u4fc2\u6709\u53e6\u4e00\u90e8\u505a\u524dSet\u843d\u5df2\u7d93\u7528\u7dcaDouble Hop\u5605\u6a5f\u3002 Setup\u518d\u6709\u5c0f\u5c0f\u5514\u540c DoubleHop Website\u7121enable ASP.Net Impersonation Application Pool \u4fc2\u7528.Net Framework v4.0.30319 . Managed pipeline mode \u4fc2\"Integrated\" \uff08\u5982\u679c\u6709Enable ASP.Net Impersonation\uff0c\u4f46\u4fc2Pipeline mode \u4fc2Integrated\uff0c\u6703\u51faError 500)","rel":"","context":"In "IT"","block_context":{"text":"IT","link":"https:\/\/rol801.com\/wordpress\/?cat=2"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/02\/logo-500px-300x300.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":365,"url":"https:\/\/rol801.com\/wordpress\/?p=365","url_meta":{"origin":306,"position":5},"title":"iOS Supervised Device \u7528 Global HTTP Proxy Profile \u51fa\u73feMDM Device Check-In Activity \u5931\u8e64\u4e8b\u4ef6","author":"rol801","date":"July 28, 2018","format":false,"excerpt":"\u00a0 \u00a0 \u00a0 \u00a0 \u7e8c\u4e0a\u4e00\u500bPost\u3002 pFSense\u52a0Squid Proxy\u5df2\u7d93Config \u597d\u3002Proxy Pac\u4ea6\u5df2\u7d93\u653e\u4fc2Web Server\u3002\u4fc2PC Browser\u53ef\u4ee5\u9806\u5229\u7528\u5230Proxy\uff0c\u6e96\u5099\u5de5\u4f5c\u5b8c\u6210\u3002 \u4fc2Apple Community\u5165\u9762\u6435\u5230\u4e00\u500b\u5e7e\u597d\u5605Discussion AppProxy Provider vs Global Proxy \u4ee5\u81ea\u5df1\u7406\u89e3\uff0cAppProxyProvider \u4fc2 MDM Vendor \u5605App Gateway\u6216\u8005\u4fc2\u6211\u54cb\u8b1bMDM\u5605PreApp VPN Gateway\uff0c\u7b49\u540cMobileIron \u5605 Sentry \u81ea\u5df1\u5605\u63a8\u65b7\u540c\u4e0b\u9762\u5462\u6bb5Message\u5dee\u5514\u591a To start, I want to be clear about one thing: App proxy providers and the global HTTP proxy are very different\u2026","rel":"","context":"In "iOS"","block_context":{"text":"iOS","link":"https:\/\/rol801.com\/wordpress\/?cat=15"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rol801.com\/wordpress\/wp-content\/uploads\/2018\/07\/Squid_Software_Logo.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=306"}],"version-history":[{"count":5,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/306\/revisions"}],"predecessor-version":[{"id":312,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/306\/revisions\/312"}],"wp:attachment":[{"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rol801.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}