In Service Broker Message Dialog Security Is Not Available For This Conversation...

Jul 23, 2007

when ever I send my message thru Service Broker I am getting an error message like this "



"Dialog security is not available for this conversation because there is no remote service binding for the target service. Create a remote service binding, or specify ENCRYPTION = OFF in the BEGIN DIALOG statement."



This I found in sys.transmission_queue

Please reply with your comments

View 1 Replies


ADVERTISEMENT

Service Broker Dialog And Transport Security

May 25, 2006

what is the difference between the Dialog security and the transport security?

If I disable the dialog security can the messages be sent to the a different SQL server instance. As the transport security will encrypt the messages.

If I don't create a certificate to be used by the transport security can the messages be sent to another SQL server instance?

Can a message be sent to another SQL Server instance without creating a REMOTE Service Binding?

View 1 Replies View Related

Service Broker Sending Message To Self. Start Conversation With Self

Jan 29, 2008

I've got a situation where I want to put request message on a queue. Because starting a conversation is the only way to put messages on a queue I have to start a conversation with myself. So my Begin Dialog Statement looks something like this:



DECLARE @conversation_handle UNIQUEIDENTIFIER;

BEGIN DIALOG CONVERSATION @conversation_handle

FROM SERVICE [ServiceName1]

TO SERVICE 'ServiceName1'

ON CONTRACT [ContractName1]

WITH ENCRYPTION = OFF;

SELECT @conversation_handle AS ConversationHandle



I haven't noticed any problems with doing this but I wanted to know if there was anything wrong with it. Does someone know what problems this might cause?

View 4 Replies View Related

Service Broker End Conversation

Jan 17, 2007

Hello people

I am new to service broker and would like a little help please. I have a SP which gathers information from a collection of tables. Depending on the data gathered it may or may not begin a dialog conversation with a service broker queue. What i'm needing to know is should at the end of the SP once the required message has been sent should i end the conversation or not?



Many thanks in advance, Michael



View 1 Replies View Related

Cross DB Dialog Security Issues. Was: Can't Route To Another LOCAL Broker Instance

May 31, 2007

Hi Remus,



I am experiencing the same problem, and I can't get the easy fix to work. I drop and create the DB's in between tests, so it is not related to having an old certificate in the DB, as in the case of Tilfried.



The situation is as follows:

DB1 owned by login1, has a user for login2; this DB is for the initiator

DB2 owned by login2, has a user for login1; this DB hosts the target

Both DB's have TRUSTWORTHY flag set to ON

Error in sys.transmission_queue: 'Error 916, State 3: The server principal "Login1" is not able to access the database "DB2" under the current security context.



Going on a limp, I decide to add a remote service binding in DB1, binding the user for Login2 to the target service, even though BOL explicitly states that this is only required for cross-server communications. This does change the situation - I still get an error, but a new message is sys.transmission_queue: "Dialog security is unavailable for this covnersation because there is no certificate bound to the database principal (Id: 5). Either create a certificate for the principal, or specify ENCRYPTION = OFF when beginning the conversation." I already know that the first option works, but I wanted to get the simple solution running. As for the second option, I doublechecked and the initiating procedure DOES already specify ENCRYPTION = OFF in the BEGIN DIALOG CONVERSATION command. My theory is that the remote service binding somehow forces SB to use encryption, but (a) that is not stated in the error message, and (b) if so, then how to get the messages sent over to the target service without using the binding?



==> EDIT: Just saw that you confirmed this theory in your last reply to Tlifried. So I am indeed back to having to find out how to get this to work without remote service binding - it should be possible, but how???



BTW, SELECT @@VERSION shows that I'm on build 3054, in case it matters.



Between all the errors in BOL and less than helpfull error messages produced by SB, I feel like I'm slowly losing my sanity. Please help!



Best regards,



Hugo Kornelis

View 6 Replies View Related

Dialog Security And Message Encryption

Apr 25, 2006

I understand that Dialog Security + certificates can be used to encryption individual dialogs. I have several demos working now that do just this.However, I don't fully understand exactly when the messages are encrypted, and if they are ever written to a queue on the initiating service prior to being encrypted. I want to make sure that admins can't simply query the transmission queues to get clear text messages, because I have strict requirements that I encrypt all personal data that is stored anywhere in a database.
BOL is a little unclear on this topic. The relevant doc reads:For a dialog that uses security, Service Broker encrypts all
messages sent outside a SQL Server instance. Messages that remain within a SQL
Server instance are never encrypted. In dialog security, only the database that
hosts the initiating service and the database that hosts the target service need
to have access to the certificates used for security. That is, an instance that
performs message forwarding is not required to have the capability to decrypt
the messages that the instance forwards.Does this imply that message destined for an external service aren't encrypted until they leave the instance? Or does Service Broker figure out that the message is destined for a remote service and therefore applies encryption to the message_body prior to the message hitting the transmission queue on the initiating service?Many thanks, Kevin

View 6 Replies View Related

Closing A Conversation Later On And Microsoft Service Broker Interface (sample)

Oct 24, 2006

In a messaging application, a client sends a message to the server. The server uses Service Broker Interface, and is CLR based. On the server, the message has a life cycle - going throughout multiple transitions until is final (Pending, In Transit, Delivered, TimedOut, Undeliverable). As the server receives the message, it sends back to the client a reply status message of In Transit. It does so using the same message€™s conversation. It also saves €“ along with the message €“ its conversation handle. The dialog is not closed. After a while, the server may decide that the message has gotten to a final state (Delivered or TimedOut). I would like at that time to send a reply status message (Final State) back to the client and also close the conversation. The conversation handle has been saved by both, client and server. Having the conversation handle available - how do I get back to the client later on?
Thanks,

View 4 Replies View Related

Service Broker Neophyte Question: Conversation_id And Conversation Handle

Nov 29, 2005

within the context of the sys.conversation_endpoints system view, there is:

View 3 Replies View Related

Thoughts/patterns For The Following Use Case Related To Service Broker Dialog Network Connection

Dec 29, 2006

Hi,

I would appreciate any thoughts/ideas on the following use case for the distributed service broker application we plan to migrate from our existing proprietary tcp based message protocol using database tables for reliability.

There are two ssb services running in separate sql server instances, each on a different server machine. For simplicity, let us assume the ssb endpoint names are SSBA, SSBB. SSBB is the Initiator of the Dialog while SSBA is the Target. Now the requirement is that if the underlying network communication between the two ssb endpoints(SSBA and SSBB) is broken or if the critical service SSBB is down, then processing of any incoming message into SSBA's queue from a third service broker service (say SSBEXPR) running within a SqlExpress instance should be delayed until SSBB is alive and network communication between SSBA and SSBB is established. In our existing implementation (wherein SSBA, SSBB and SSBEXPR are windows services) we use a combination of TCP socket disconnects and Heartbeat messages between SSBA and SSBB to determine the health of network connection and that of the SSBB service.

Now my understanding of how the underlying network connection for a ssb dialog works is that if there is no activity on a dialog for a certain amount of time then the underlying network connection is closed. Is there a way to specify the amount of time to say infinite value or something and thus change this behavior? My other question is how can one query the underlying network connection (i.e. a row from sys.dm_broker_connections) associated with a particular conversation? If none of this is possible, then any other patterns/ideas/approach is welcome.

Thanks,









View 8 Replies View Related

Dialog Security With Different Instances Of A Service

Sep 20, 2005

I am in the process of evaluating the use of Service broker for messaging in a load balanced configuration, and am not having any success.  My configuration is as follows.   1) Master database on Box #1 which is the initiator of all dialogs 2) Target database on Box #2 3) Target database on Box #3   One of my goals is that the databases on Box #2 and #3 are as close to identical as possible.   My routing table on Box #1 looks something like the following   Name remote_service_name broker_instance address TargetOne TargetService
E96DC67E-F696-4D93-8545-C2E92157E32D tcp://server1:4022/ TargetTwo TargetService
56607120-26AA-4AAA-B9E4-F14689C40E41 tcp://server2:4022/   My messaging process begins with a dialog initiated from the master database (Box #1) to each of the target services.  At this time, only the first server "tcp://server1:4022/" is receiving messages.  The sys.transmission_queue shows a message outbound to "tcp://server2:4022/" with a blank status.   I believe that my delivery problem has something to do with the resolution of the dialog certificate need for the conversation.  The MSDN documentation states that:   "Service Broker uses a remote service binding to locate the certificate to use for a new conversation...The certificate for user_name must correspond to the certificate for a user in the database that hosts the remote service."    I am confused as to how I would configure remote service binding if one can not create more than one binding for the same remote_service_name.   The following throws an exception on the last creation of the binding.
---CODE SNIP---
CREATE CERTIFICATE UFEDlgCertTargetPublic

View 3 Replies View Related

Service Broker TO Service Could Not Be Found Message Origin: Transport

Mar 30, 2007

I am trying to send a message between to SQL Server 2005 instances on two different machines. I have checked all my routes and all my objects appear to be setup correctly. However, when running Profiler on the target machine, I receive the "This message has been dropped because the TO service could not be found. Service name: "[tcp://mydomain.com/TARGET/MyService]". Message origin: "Transport". This is my activated stored procedure that is sending the message to the target service. I am using certificate security. Any help appreciated....



CREATE PROCEDURE [usp_ProcessMessage]

AS

BEGIN

SET NOCOUNT ON;

DECLARE @conversation_handle uniqueidentifier

DECLARE @message_body AS VARBINARY(MAX)

WHILE (1=1)

BEGIN

BEGIN TRANSACTION;

WAITFOR(RECEIVE TOP (1)

@conversation_handle = conversation_handle,

@message_body = message_body

FROM [tcp://mydomain.com/INITIATE/MyQueue]

), TIMEOUT 1000;

IF (@@ROWCOUNT = 0)

BEGIN

COMMIT;

BREAK;

END

END CONVERSATION @conversation_handle

IF @message_body IS NOT NULL

BEGIN



BEGIN DIALOG CONVERSATION @conversation_handle

FROM SERVICE [tcp://mydomain.com/INITIATE/MyService]

TO SERVICE '[tcp://mydomain.com/TARGET/MyService]'

ON CONTRACT [tcp://mydomain.com/INITIATE/MyMessage/v1.0]

WITH ENCRYPTION = ON, LIFETIME = 600;

SEND ON CONVERSATION @conversation_handle

MESSAGE TYPE [tcp://mydomain.com/TARGET/VisitMessage]

(@message_body);

END

COMMIT;

END

END

GO



My endpoints are created like so:



CREATE ENDPOINT MyEndpoint

STATE = STARTED

AS TCP

(

LISTENER_PORT = 4022

)

FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE MasterCertificate)

GO



GRANT CONNECT TO CertOwner

GRANT CONNECT ON ENDPOINT::MyEndpoint TO CertOwner

GO



And my routes like so:



GRANT SEND ON SERVICE::[tcp://mydomain.com/INITIATE/MyService] TO CertOwner

GO

CREATE REMOTE SERVICE BINDING [MyCertificateBinding]

TO SERVICE '[tcp://mydomain.com/TARGET/MyService]'

WITH USER = CertOwner,

ANONYMOUS=OFF

CREATE ROUTE [tcp://mydomain.com/INITIATE/MyRoute]

WITH SERVICE_NAME = '[tcp://mydomain.com/TARGET/MyService]',

BROKER_INSTANCE = N'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',

ADDRESS = N'TCP://xxx.xx.xx.xx:4022'

GO

View 10 Replies View Related

Service Broker: Trigger On New Message

Jul 13, 2007

Hi,



I have a small problem with my two databases ( A and B ).



On database A I have a queue set up for receiving messages from a service broker which are sent via a stored procedure from database B ...



Each time a message hits the queue on database A I would like to run a stored procedure that takes the message and actions it.





I have my stored procedures in place but can't figure out how to trigger a procedure each time a message is received. I have read this ( http://technet.microsoft.com/en-us/library/ms171601.aspx ) but would really appreciate someone posting an example of setting up queue activation.



Many thanks



Chris

View 1 Replies View Related

App Receiving Options Message From Service Broker

Nov 2, 2006

I have an app receiving messages from SQL Service Broker when data is updated. (Messages are located at http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlnotificationinfo.aspx )

When I run this app against a remote SQL Server, I receive the message "Updated" which I expect.

But when I run the same app against the local machine SQL Server, I receive the message "Options".

Does anyone know if there are SQL Server options that must be set to certain values?
I can't seem to find anything that troubleshoots this message... either from a SQLServer- or a .NET standpoint.

View 7 Replies View Related

Can Service Broker Process A Email Message

Feb 28, 2006

How do you set up the service broker to process an email message, and how do you format that message and send it to the que.



Can the service broker alos process an html form from a que.



Thanks

View 1 Replies View Related

SQL Service Broker To Send Message To SSRS

Jan 23, 2008

Hi All,
I want to send notification to SSRS on change in database for that I am using SSB to send message to SQL Server Reporting Services.
Can I use SSB and if yes, how? Please guide me I am new to this.

Thanks,
Omkar.

View 1 Replies View Related

Service Broker Message Dispatcher Error

Apr 9, 2008

One of my customers' SQL Server 2005 databases, which was set up to receive messages from another SQL Server 2005 database on another server has been re-installed by the customer and now the message passing no longer works. After recreating the End Point and re-enabling the Service Broker on the target database, I am now getting messages in the SQL Server error log.

An error occurred in the service broker message dispatcher, Error: 15581 State: 3.


and

Error: 9644, Severity 16, State: 14.


The two errors repeat alternately ad nauseum.
Running a trace on the target database server, for the Broker:Message Undeliverable, gives an endless stream of these entries:

This message could not be delivered because an internal error (code 15581, state 3) was encountered while processing it. Check the error log for more information.


Any ideas on how to fix this system?

View 4 Replies View Related

Message Could Not Be Delivered Errors In Service Broker

Apr 17, 2007



Hi,



I am using service broker in between two database servers. following is the way i am sending and receiving messages



Send



BEGIN TRAN
BEGIN DIALOG CONVERSATION @handle
FROM SERVICE @SendService
TO SERVICE @ReceiveService
ON CONTRACT @Contract
WITH LIFETIME = @lifetime;

SEND ON CONVERSATION @handle
MESSAGE TYPE @xmlMessageType(@xmlMessage);
COMMIT



Receive



BEGIN TRAN;
RECEIVE TOP(1) @xmlMessage = message_body,
@handle = conversation_handle,
@message_type = message_type_name
FROM TransactionQueue;

----------------------------------------------------------------------------------------------------
-- Check to make sure a message was returned to process. In theory this should never happen.
----------------------------------------------------------------------------------------------------
IF @@rowcount = 1
BEGIN

IF @message_type = 'http://schemas.microsoft.com/SQL/ServiceBroker/EndDialog'
BEGIN
END CONVERSATION @handle;
COMMIT
RETURN 0
END

IF @message_type = N'http://schemas.microsoft.com/SQL/ServiceBroker/Error'
BEGIN
RAISERROR(N'Received error %s from service [Target]', 10, 1)
END CONVERSATION @handle;
COMMIT
RETURN 0
END


SET @sql = 'EXEC '+@message_processor_name+' @xml'

BEGIN TRAN
EXEC sp_executesql @sql, N'@xml XML', @xml=@xmlMessage
COMMIT TRAN
END CONVERSATION @handle;
END
COMMIT



I see Messages are delivered to the target every thing working fine other than following errors which i am seeing in profiler.



1) "This message could not be delivered because the conversation endpoint has already been closed." I see this error on initiator end. Is it like ending conversation on initiator end when i get "EndDialog" send an acknowledgement, which cannot be recieved by target as it has already ended conversation.



2) "An error occurred while receiving data: '64(The specified network name is no longer available.)'." I don't have much idea about the reason for this error. But in profiler i see value for GUID is different for this error and the real message.



Let me know if you need any other information



View 4 Replies View Related

Service Broker Security Question

May 22, 2006

If I have a stored procedure that is reading data in one database and writing it to another database (same instance) are there any extra grants that I must do. I do have a user created in both databases with the same certificate (backup and create certificate from the file system) and I've done the
GRANT AUTHENTICATE TO [SessionsServiceProcedureAudit];
GRANT EXECUTE ON <the cross database stored procedure>

Gary

View 8 Replies View Related

SQL Service Broker - Transport Security

Feb 20, 2007

If all my SQL Server instances are mutually trusted, am planning to implement transport layer security with Windows authentication. My query is that if I'm using Windows authentication do I need certificates to be created? Though I am using Transport security, I can achieve encryption by ENCRYPTION - ON in the Begin Dialogue conversation. I assume Message integrity using MD5 signatures are by default provided by Service broker irrespective of whichever service options we choose?

Can I have some article references on how these security mechanisms will impact the performace of Service broker communications?



Thanks a lot,

View 5 Replies View Related

Service Broker Security Issue

Aug 24, 2007

Just tried to deploy my service broker solution to a test environment but got the following error:


An exception occurred while enqueueing a message in the target queue. Error: 15517, State: 1. Cannot execute as the database principal because the principal "dbo" does not exist, this type of principal cannot be impersonated, or you do not have permission.


Any idea as to what this error message actually means and what I would have to do to get it to work?

Thanks

View 3 Replies View Related

Service Broker Message On Remote Instance Not Working

Feb 14, 2006

I was trying to send a message on a different instance in the network using service broker. I have created the endpoint and route both the side. I could see that the messages are in the transmission_queue in the sender side with no error in the status.

What could be the reason.

I am doing the following:
CREATE ROUTE inst02
WITH
SERVICE_NAME = 'SERVICE2',
ADDRESS = 'tcp://10.14.43.149:2341'

in the send script i am using this:
BEGIN DIALOG CONVERSATION @dialog_handle
FROM SERVICE [SERVICE1]
TO SERVICE 'SERVICE2'
ON CONTRACT [MainContract] WITH ENCRYPTION = OFF ;

in the sending side if i change the endpoint's authentication as windows kerberos , then i get thefollowing error in the transmission queue:

"Connection handshake failed. An OS call failed: (8009030e) 0x8009030e(No credentials are available in the security package). State 66."

I also have given access to the remote user on this endpoint(on the recever side) using this :
GRANT CONNECT ON ENDPOINT::Endpoint_test to paras

I am executing the sending side send script using the same user wich has access to the remote endpoint.

Can some one resolve this issue.

Thanks

View 9 Replies View Related

Service Broker Windows Security Problem

Jan 10, 2008

I am using windows authentication to send messages from one server to another.

The user is a domain user that is sysadmin on both servers and db owner of each database.

The errors I see in porfiler are as follows


At target,
An error occurred while receiving data: '10054(error not found)'.

and the following at the initiator:
Connection handshake failed. An OS call failed: (8009030c) 0x8009030c(The logon attempt failed). State 67.


For what its worth, the script for my target endpoint is below, and access has been granted to public:


CREATE ENDPOINT [BROKER]
AUTHORIZATION [MYDOMAINmssqlssb]
STATE=STARTED
AS TCP (LISTENER_PORT = 4022, LISTENER_IP = ALL)
FOR SERVICE_BROKER (MESSAGE_FORWARDING = DISABLED
, MESSAGE_FORWARD_SIZE = 10
, AUTHENTICATION = WINDOWS NEGOTIATE
, ENCRYPTION = REQUIRED ALGORITHM RC4)



I've actually used these users/objects successfully dozens of times on a seperate server with many clients...I am just re-scripting the objects here on this new server. The new remote machine is an image of one of the original machines that was working fine (with new broker GUIDs).



Thanks for any insight.
John

View 3 Replies View Related

TRYING TO CREATE CERTIFICATE FOR SERVICE BROKER SECURITY BUT GETTING ERROR

May 22, 2007

hi all,

i m trying to send message between different server instance using service broker.

and for security purpose i am trying to create certificate. for that i have used makecert.exe and get a certificate and a private key. but when i am creating certificate using that file it is showing error

the code is --

CREATE CERTIFICATE ctfSourceServerMaster

FROM FILE = 'C:SourceServer.cer'

WITH PRIVATE KEY ( FILE = 'C:SourceServer.pvk', DECRYPTION BY PASSWORD = 'PrivateKeyPassword' )

ACTIVE FOR BEGIN_DIALOG = ON

GO

i have created the file SourceServer.cer' and SourceServer.pvk' by using makecert.exe tool.

the idea behind creating the certificate ctfSourceServerMaster is to give transport security.

I am running the particular script in the master database.

but still i am getting error

ERROR:----

The certificate, asymmetric key, or private key file does not exist or has invalid format.



If any body has any idea please help!!!!!!!!!!!

Thanks a lot in advance

View 1 Replies View Related

Whats The Difference Between A Dialog And A Conversation?

Oct 3, 2006

As above

View 3 Replies View Related

How To Prevent The Hang On The Initator Service Broker If The Target Service Broker Is Not Started?

Sep 10, 2007

How to prevent the hang on the initator service broker if the target service broker is not started?

Our case has two service brokers (two databases), sometime, the target is need to turn off. But the sitation is the initator service broker (in fact, the message is sent from triggers) become hang, I want to prevent this case and continue to operation, and the messages should queue and will continue to send to target service broker when it startup. How should I do?

View 3 Replies View Related

Problem With A Server Broker Conversation Between Two Instances

Feb 1, 2007

I have a problem with a server broker conversation between two instances on the same machine.

I have used Server Listning Manager to setup the communication between the instances.

When i a try to send a dialog it stops in sys.transmissin_queue and transmission_status is "The Service Broker protocol transport cannot listen on port 4022 because it is in use by another process."

Can someone help me

/ Dan Svensson

View 3 Replies View Related

The SQL Server Service Broker For The Current Database Is Not Enabled, And As A Result Query Notifications Are Not Supported. Please Enable The Service Broker For This Database If You Wish To Use Notifications.

Feb 16, 2008

Hello,          I receive this error  "The SQL Server Service Broker for the current database is not enabled, and as a result query notifications are not supported.  Please enable the Service Broker for this database if you wish to use notifications." I attach the database in Management Studio to query and enable the broker using the scrip below but to no avail. ALTER DATABASE DataName SET ENABLE_BROKER ‘''<<------successfulandSELECT is_broker_enabled FROM sys.databases WHERE name = 'Database name' ‘'''<<-------value is 1 Global.asax ...    Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)        System.Data.SqlClient.SqlDependency.Start(ConfigurationManager.ConnectionStrings("dataConnectionString1").ConnectionString)    End Sub...Web.config ...    <connectionStrings>        <add name="dataConnectionString1" connectionString="Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|jbp_data.mdf;Integrated Security=True;User Instance=True"         providerName="System.Data.SqlClient" />        <add name="ASPNETDBConnectionString" connectionString="Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|ASPNETDB.MDF;Integrated Security=True;User Instance=True"         providerName="System.Data.SqlClient" />    </connectionStrings>... Hope you could help.  cheers,imperialx 

View 1 Replies View Related

Conversation Handle Processed By An Activated Stored Procedure Service Can Not Be Invoked By A CLR Service Instance?

Dec 1, 2006

I have a initiator and a target service broker peer.

Both are controlled by a C# unit test. The initiator uses the Microsoft.Samples.SqlServer class. The target service uses stored procedure activation.

Sending a message from the initiator to the target, saves the content of the message, along with its conversation handle in the target's database specific table.

The unit test needs - at a later time - to instruct the target to send a message back on the same conversation handle to the initiator service.

For this the C# unit test creates a Conversation off of the saved conversation handle:


Service client = new Service("cleintservicename", conn, tran);

Conversation dialog = null;

dialog = new Conversation(client, convHandle);
Sending the message on this dialog generates an error "Message body: <Error xmlns="http://schemas.microsoft.com/SQL/ServiceBroker/Error"><Code>-8495</Code><Description>The conversation has already been acknowledged by another instance of this service.</Description></Error>".
Is the error due to the fact that a service - using the activated stored procedure already picked up the conversation, so that a new reference to the service can not be created through the Service class in CLR?
If so, I might need then to skip the activated stored procedure in favor or a CLR service, alltogether?
Any help - greatly appreciated.

View 7 Replies View Related

Transport Security Vs Dialog Security

Aug 3, 2006

In an environment where there are many initaitors speaking to a central target with frowarders in between, from what i can understand this best policy is to disable encryption on the endpoints, since dialog encryption will be enforced this is all that is really required, is this correct.

If the endpoints used encryption the message would need to be encrypted and decrypted at each forwarder resulting in slower perfromance, where as dialog encryption would only encrypt at the sender and decrypt at the target, so is this the best way to go?

Secondly is it best practice to open a dialog initally and send messages over this dialog for years never ending the conversation? This way the services only have to authenticate eachother once, if there are no reboots etc that is of course.

I would think performance wise sending each message and ending the conversation each time is a much greater overhead ? So would it be best practice to keep dialogs open and keep sending messages ?

Initally when i was learning service broker i thought that one must send a message and end the dialog until the next message, but i think the other way is the best option ?

Is this correct ?

Thanx

View 1 Replies View Related

Architectural (broker) Place Of SQL Service Broker

Apr 5, 2007

Hi,



I am struggling with the position SSB could take in an SOA. If I would want a broker in the general sense, meaning an intermediary sitting between applications which exchange information through messaging, would SSB be a good candidate? I know Biztalk is probably the primary candidate, but in my scenario I would end up with Biztalk apps with empty orchestrations. Also, I think Biztalk is more expensive to manage. So I am looking for a lightweight broker for a simple SOA targeted at application interoperability, no fancy business processes in sight.



I look forward to some responses.



Kind regards,

Neeva

View 2 Replies View Related

Dialog Security Questions

Aug 10, 2006

Hi Remus

Thank you for the email reply.

However i am still not 100% clear, dialog security with certificates when there are hundreds of remote services seems a bit complicated.

I have a few more questions.

1. you said "When sending the first message (any direction), we look up the 'best' certificate for each user"

My inititor sevice is owned by dbo, i have created certificates only for named users not dbo, how would this work?

2. I am going to try settin gup this again, but at the central service i will create a seprate user for each remote service, authorize the remote certificate for this user and use this user in the remote service binding for that remote service, is this correct or am i still doing somehting wrong?

3. How does all of this relate to the endpoint security, i ahve the same scenario, 1 pricipal id with all remote certificates authorized for it for the endpoint? I have no idea how i would have to setup different user for each remote servcie as far as the endpoint goes as there is no remote service binding to dictate which user to use ?

I will keep try and experimenting maybe i will get it right sooner or later.

Thank You

View 6 Replies View Related

Detailed Error Message For Conversation Marked With ER

Jan 15, 2008



Hello,
How can I find the cause on the error that marked one conversation with status 'ER' in sys.conversation_endpoints?

Thanks in advance.

View 1 Replies View Related

Confusion About Dialog Security Steps.

Aug 3, 2006

Hi There

I have done the following.

2 Servers across the net work Server A and Server B.

I have created private keys at each and copied to public keys across.

I create an endpoint at each with validation by the certificates. I then create appropriate users and logins at each and import the public certificates with authorization to the users who have send permission on the endpoints.

That is transport security sorted and it works.

Now from what i have learnt from examples, to setup dialog security i do the following.

create a private key in each DB :

create certificate Store001DialogPri

with subject = 'Store001DialogPri',

start_date = '07/20/2006'

active for begin_dialog = on;

go

I then copy the public key to each server, create a user only in each DB and import the public keys with authorization on the user. And grant send to the appropriate servcies to the user.

I then create appropriate remote service bindings with this user.

Now this works for me. Everythign seems A OK.

However i am going thorugh the Service Broker "bible", and there are a ton of steps i am not doing but my setup works ???

Steps i am not doing for example is when i create the private keys in the DB i should authorize them to a user i create who is then gratnted CONTROL permission on the SERVICES.

Now i do not do this but everything seems to be working. I thought i finally understood dialogs security but now i am totally confused ?

Is what i am doing correct ? If so why are these all these additinal steps mentioned ? WHat am i missing ?

Thanx

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved