How to: Configure Permissions for a Local Service (Transact-SQL)
SQL Server enforces SEND permission for each service and RECEIVE permissions for each queue. The security principal that owns the initiating service must have SEND permission on the target service. The security principal for an application must have RECEIVE permission for each queue that the application receives messages from.
This procedure is a simplified form of the procedure for creating a remote security configuration. In both cases, you grant SEND permission on the destination service and RECEIVE permission on the queue for the service that sends the messages. For a remote security configuration, however, you must also configure Service Broker security to correctly identify the remote user. For a configuration within a single database, you only need to grant permissions.
This example configures permissions to allow BrokerApplicationUser to send messages from the service that uses the queue StoreFrontQueue to the service Ordering. This procedure assumes that the user, the services, and the queue already exist.
USE AdventureWorks ; GO -- This example sets permissions for a service -- program that sends messages to the Ordering service -- and receives messages from the StoreFrontQueue queue. -- Grant SEND permission on the service to the owner -- of the initiating service. GRANT SEND ON SERVICE::[Ordering] TO [BrokerApplicationUser] ; GO -- Grant RECEIVE permission on the queue. GRANT RECEIVE ON [StoreFrontQueue] TO [BrokerApplicationUser] ; GO
TasksHow to: Configure Target Services for Anonymous Dialog Security (Transact-SQL)
How to: Configure Target Services for Full Dialog Security (Transact-SQL)
How to: Configure Initiating Services for Full Dialog Security (Transact-SQL)
How to: Configure Initiating Services for Anonymous Dialog Security (Transact-SQL)
ConceptsService Broker User-Level Permissions
Other ResourcesGRANT (Transact-SQL)
GRANT Service Broker Permissions (Transact-SQL)