PROPID_M_AUTHENTICATED
Applies To: Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server Technical Preview, Windows Vista
(Read-only.) The PROPID_M_AUTHENTICATED property indicates whether the message was authenticated at the request of the sending application.
Property ID
PROPID_M_AUTHENTICATED
Type Indicator
VT_UI1
MQPROPVARIANT Field
bVal
Property Value
This property can be set by Message Queuing to one of the following:
MQMSG_AUTHENTICATION_NOT_REQUESTED
The sending application did not request authentication. The destination queue manager did not attempt to authenticate the message when it accepted the message.
MQMSG_AUTHENTICATION_REQUESTED
The sending application requested authentication. The destination queue manager authenticated the message when it accepted the message.
Remarks
This message property is only used by the receiving application when trying to determine whether authentication was requested. Because messages that fail authentication are not placed in the destination queue, if authentication was requested and the message is in the queue, then the message was authenticated.
Note
It is not possible to look at the properties of a message and determine if a message failed authentication. Messages that fail authentication are discarded and are not delivered to the queue.
Message Queuing can use three different types of digital signatures to authenticate non-SRMP messages: MSMQ 1.0 signatures, MSMQ 2.0 signatures, and multiple-destination digital signatures (introduced in MSMQ 3.0). A destination computer running MSMQ 1.0 accepts only MSMQ 1.0 signatures. By default, a computer running MSMQ 2.0 accepts MSMQ 1.0 and MSMQ 2.0 signatures, and a computer running MSMQ 3.0 accepts all three types of signatures. The following registry entry, which is not present by default, specifies what type of signature is accepted by a destination computer.
HKLM\SOFTWARE\Microsoft\MSMQ\Parameters\Security\RcvOnlyEnhMsgAuthn
To change the default behavior, set this entry to one of the following values.
| To | Set the registry entry to |
|---|---|
| Accept MSMQ 1.0 and MSMQ 2.0 signatures on a computer running MSMQ 2.0 Accept MSMQ 1.0, MSMQ 2.0, and multiple-destination digital signatures on a computer running MSMQ 3.0 |
0 |
| Accept only MSMQ 2.0 signatures on a computer running MSMQ 2.0 Accept MSMQ 2.0 and multiple-destination digital signatures on a computer running MSMQ 3.0 |
1 |
By default, a source computer uses only the MSMQ 1.0 signature to sign non-SRMP messages. Therefore, for compatibility, when you set this registry entry so that a destination computer will not accept MSMQ 1.0 signatures, make sure that you reset the applicable registry entry on the source computer as well. For more information, see Digital Signature Registry Entries and PROPID_M_AUTH_LEVEL.
If the receiving application needs to check only whether authentication was requested, it should use PROPID_M_AUTHENTICATED. However, if the receiving application also needs to check what type of digital signature was used during authentication, it should use PROPID_M_AUTHENTICATED_EX. You cannot specify both message properties when calling MQReceiveMessage or MQReceiveMessageByLookupId.
Retrieving PROPID_M_AUTHENTICATED
To see if authentication was requested, specify PROPID_M_AUTHENTICATED in the MQMSGPROPS structure. Then call MQReceiveMessage or MQReceiveMessageByLookupId and examine the returned value. The type indicator of this property can be set to VT_UI1 or VT_NULL. If you set the type indicator to VT_NULL, Message Queuing automatically changes the type indicator to VT_UI1 during the function call.
Equivalent COM Property
With COM components, the equivalent property for ascertaining whether a message was authenticated is MSMQMessage.IsAuthenticated.
| For information on | See |
|---|---|
| The process of authenticating messages | How Message Queuing Authenticates Messages |
Example Code
The following code fragment shows how PROPID_M_AUTHENTICATED is specified in arrays that can be used to initialize an MQMSGPROPS structure.
aMsgPropId[i] = PROPID_M_AUTHENTICATED; // Property ID
aMsgPropVar[i].vt = VT_NULL; // Type indicator
i++;
The following example is included in Using Message Queuing.
| For an example of | See |
|---|---|
| Checking to see whether a message was authenticated | C/C++ Code Example: Validating Authentication |
See Also
Message Properties
MQMSGPROPS
MQReceiveMessage
MQReceiveMessageByLookupId
PROPID_M_AUTHENTICATED_EX