<transport> of <msmqIntegrationBinding>

Defines the security settings for the Message Queuing integration transport.

Schema Hierarchy

<system.serviceModel>
  <bindings>
    <msmqIntegrationBinding>
      <binding>
        <security> of <basicHttpBinding>
          <transport> of <msmqIntegrationBinding>

Syntax

<security>
    <transport msmqAuthenticationMode="None/WindowsDomain/Certificate"
        msmqEncryptionAlgorithm="RC4Stream/AES"
        msmqProtectionLevel="None/Sign/EncryptAndSign"
        msmqSecureHashAlgorithm="MD5/SHA1/SHA256/SHA512" />
</security>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements

Attributes

Attribute Description

msmqAuthenticationMode

Specifies how the message must be authenticated by the MSMQ transport. If this is set to None, the value of the msmqProtectionLevel attribute must also be set to None.

Valid values include the following:

  • None: No authentication.

  • WindowsDomain: The authentication mechanism uses Active Directory to get the X.509 certificate for the SID associated with the message. This is then used to check the ACL of the queue to ensure the user has permission to write to the queue.

  • Certificate: The channel gets the certificate from the certificate store.

The default value is WindowsDomain. This attribute is of type MsmqAuthenticationMode.

msmqEncryptionAlgorithm

Specifies the algorithm to be used for message encryption on the wire when transferring messages between message queue managers. Valid values include the following:

  • RC4Stream

  • AES

The default value is RC4Stream. This attribute is of type MsmqEncryptionAlgorithm.

msmqProtectionLevel

Specifies how the message is secured at the level of the MSMQ transport. Encryption ensures message integrity while EncryptAndSign ensures both message integrity and non-repudiation; that is, the message indeed comes from the sender and the sender is who he says he is.

  • Valid values include the following:

  • None: No protection.

  • Sign: Messages are signed.

  • EncryptAndSign: Messages are encrypted and signed.

The default value is Sign. This attribute is of type ProtectionLevel.

msmqSecureHashAlgorithm

  • Specifies the algorithm to be used in computing the digest as part of signatures. Valid values include the following:

  • MD5

  • SHA1

  • SHA256

  • SHA512

The default value is SHA1. This attribute is of type MsmqSecureHashAlgorithm.

Child Elements

None

Parent Elements

Element Description

<security> of <basicHttpBinding>

Defines the security settings for a MSMQ binding.

Remarks

This element encapsulates the security settings for the Message Queuing integration transport. The settings are the same for both the Message Queuing integration and queued transports. It enables you to set the Authentication Mode, Encryption Algorithm, Secure Hash Algorithm, and Protection Level.

See Also

Reference

MsmqTransportSecurityElement
Transport
Transport
MsmqTransportSecurity

Concepts

<binding>

Other Resources

Securing Services and Clients
Securing Services and Clients
Windows Communication Foundation Bindings
Configuring System-Provided Bindings
Using Bindings to Configure Services and Clients