This topic has not yet been rated - Rate this topic

Determining the Dialog Security Type

SQL Server 2008 R2

The type of dialog security that is used for a conversation depends on the options in the BEGIN DIALOG CONVERSATION statement, the settings on the remote service binding for the service, and whether the owner of the initiating service owns a certificate. For each new dialog, SQL Server looks up the remote service binding for the target service in the sys.remote_service_bindings catalog view.

The following table lists the type of dialog security for each valid combination. Notice that if a remote service binding exists, the dialog uses encryption regardless of the settings on the BEGIN DIALOG CONVERSATION statement.

		No remote service binding	Remote service binding with ANONYMOUS = ON	Remote service binding with ANONYMOUS = OFF
Service owner has a certificate	ENCRYPTION = ON	Dialog fails	Anonymous security	Full security
Service owner has a certificate	ENCRYPTION = OFF	No dialog security	Anonymous security	Full security
Service owner does not have a certificate	ENCRYPTION = ON	Dialog fails	Anonymous security	Dialog fails
Service owner does not have a certificate	ENCRYPTION = OFF	No dialog security	Anonymous security	Dialog fails

Dialog fails: SQL Server does not have the information required to provide the requested security. Service Broker ends the conversation and puts an error message on the queue for the initiating service.
No dialog security: SQL Server does not provide dialog security for the dialog. Operations on behalf of the initiating service run as public in the target database. Messages are not encrypted for this dialog. Notice, however, that transport security may encrypt the message on the network.
Anonymous security: SQL Server uses anonymous security. Messages outside of the instance are encrypted for this dialog. Because the target service cannot verify the identity of the initiating service, operations on behalf of the initiating service run as public in the target database.
Full security: SQL Server uses full security. Messages outside of the instance are encrypted for this dialog. Operations on behalf of the initiating service run as the designated user in the target database.

Tasks

How to: Configure Initiating Services for Anonymous Dialog Security (Transact-SQL)

How to: Configure Initiating Services for Full Dialog Security (Transact-SQL)

How to: Configure Target Services for Anonymous Dialog Security (Transact-SQL)

How to: Configure Target Services for Full Dialog Security (Transact-SQL)

How to: Configure Permissions for a Local Service (Transact-SQL)

Concepts

Service Broker Communication Protocols

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Additions

ADD