Internet Messaging Overview

Applies To: Windows Server 2008

Internet messaging overview

This version of Message Queuing provides support for Internet and intranet messaging, with the following features:

• Reference queues using URL addresses.

• Send and receive HTTP messages to destination queues on an intranet or over the Internet in XML-based, SOAP Reliable Messaging Protocol (SRMP) format.

• Authenticate messages sent over HTTPS.

• Support for messaging through firewalls and perimeter networks.

• Web farm support, including a facility for mapping between external logical queue names and internal queue names, so that internal names do not need to be exposed to message senders.

• Support for deployment of Message Queuing in hardened MSMQ mode, to enhance the security of Message Queuing computers on the Internet.

HTTP messages

This version of Message Queuing includes an optional HTTP Support component, to send and receive messages in an intranet or over the Internet with the HTTP/HTTPS protocol, in addition to the Message Queuing protocol. Messages can be sent over HTTP/HTTPS to destination queues on an intranet within an enterprise or over the Internet, and the sender and recipient can be in different forests or organizations. HTTP/HTTPS is automatically chosen as the transport for any Message Queuing message sent using an HTTP/HTTPS format name. For more information, see HTTP/HTTPS messages.

SRMP messages

SOAP Reliable Messaging Protocol (SRMP) is designed as a reliable end-to-end messaging protocol for sending HTTP messages. Message properties are transmitted in XML, rather than in binary form. Message Queuing transforms message properties to specific SRMP elements, and then on the receiver side, maps these elements to the respective Message Queuing properties before storing the message. For more information, see SRMP Messages.

HTTPS authentication

Using HTTPS to send messages ensures authentication of users requesting access to Message Queuing resources by means of a Web server, and establishes a Secure Sockets Layer (SSL) connection for secure communication. A direct format name containing HTTPS as the protocol name invokes a secure HTTP transport through an SSL channel. SSL uses certificates to allow clients and Web servers to authenticate each other, and encryption keys to establish a secure communication connection. For more information, see HTTPS Authentication.

Message Queuing in hardened MSMQ mode

To enhance the security of Message Queuing computers in an Internet environment and when sending and receiving HTTP messages, Message Queuing can be deployed in hardened MSMQ mode. Hardened MSMQ mode imposes restrictions on non-HTTP messaging. For more information, see Message Queuing in Hardened MSMQ Mode.

Messaging with perimeter networks

Most organizations connect to the Internet using a proxy server and a perimeter network protected by firewalls. Incoming messages pass through the firewall, and outgoing messages are sent through a proxy server. The proxy server is a mediator between the organization's intranet and the Internet world. It provides caching and decoupling. Message Queuing uses an HTTP proxy to connect to Web addresses for delivering HTTP messages. Message Queuing thus needs to know the name of the proxy server and the applicable port to which it must connect. At the same time, there may be a list of target names for which the proxy connection is bypassed; that is, Web addresses that do not need to be accessed through the proxy server. An attempt is made to establish a direct connection with such targets. All of the information regarding proxy servers is stored in registry keys. For more information, see Configuring Firewalls for Message Queuing and Configuring Message Queuing with a Proxy Server.

Message Queuing with ISA Server

To use Message Queuing with ISA Server, install ISA Server Service Pack 1 or later. For more information, see ISA Server Service Pack 1.

Web farm support

For increased scalability and availability, Message Queuing with HTTP Support installed integrates with common network load-balancing mechanisms. Message Queuing applications can be deployed on the nodes of a Network Load Balancing cluster to receive and process messages sent to the cluster. When messages are sent over HTTP transport to a queue at a virtual URL address, a TCP session is established with one of the nodes in the cluster. For more information, see Using Web Farm Technology to Provide High Availability for Message Queuing.

Similar Web farms can also be implemented using other load-balancing mechanisms, such as DNS round-robin distribution, and network address translation (NAT). For information about load-balancing Web farms, see High Availability for Message Queuing.

When messages are sent over HTTP transport, the network names of the computers within an organization and the names of the queues hosted on them do not need to be disclosed to message senders. Message Queuing provides an HTTP message redirection feature to map external and internal names, protecting internal resources. Mapping is enabled on a HTTP message redirection Message Queuing server, positioned in the front-end of the enterprise, where all incoming HTTP requests are directed. If messages meet mapping criteria, they are forwarded further into the enterprise. For more information, see HTTP Message Redirection.