Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Determining the Dialog Security Type

The type of dialog security that is used for a conversation depends on the options in the BEGIN DIALOG CONVERSATION statement, the settings on the remote service binding for the service, and whether the owner of the initiating service owns a certificate. For each new dialog, SQL Server looks up the remote service binding for the target service in the sys.remote_service_bindings catalog view.

The following table lists the type of dialog security for each valid combination. Notice that if a remote service binding exists, the dialog uses encryption regardless of the settings on the BEGIN DIALOG CONVERSATION statement.

 

 

No remote service binding

Remote service binding with ANONYMOUS = ON

Remote service binding with ANONYMOUS = OFF

Service owner has a certificate

ENCRYPTION = ON

Dialog fails

Anonymous security

Full security

Service owner has a certificate

ENCRYPTION = OFF

No dialog security

Anonymous security

Full security

Service owner does not have a certificate

ENCRYPTION = ON

Dialog fails

Anonymous security

Dialog fails

Service owner does not have a certificate

ENCRYPTION = OFF

No dialog security

Anonymous security

Dialog fails

Dialog fails

SQL Server does not have the information required to provide the requested security. Service Broker ends the conversation and puts an error message on the queue for the initiating service.

No dialog security

SQL Server does not provide dialog security for the dialog. Operations on behalf of the initiating service run as public in the target database. Messages are not encrypted for this dialog. Notice, however, that transport security may encrypt the message on the network.

Anonymous security

SQL Server uses anonymous security. Messages outside of the instance are encrypted for this dialog. Because the target service cannot verify the identity of the initiating service, operations on behalf of the initiating service run as public in the target database.

Full security

SQL Server uses full security. Messages outside of the instance are encrypted for this dialog. Operations on behalf of the initiating service run as the designated user in the target database.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.