Managing Security in MSMQ Explorer

As you will have gathered from the previous sections of this chapter, there is a lot to security in MSMQ. We won’t be covering it all in depth here, but instead we'll provide you with a guide to where and how you set up access permissions and audit logging for your enterprise. All these tasks are done in the MSMQ Explorer that we worked with back in Chapter 5.

Setting the Enterprise Properties

Almost all the configuration and security settings for the enterprise are in the Enterprise Properties dialog. To open it, right-click the top-level Enterprise entry and select Properties. The Security tab contains the three standard buttons used to set the Permissions, Auditing and Ownership of the object—in this case the enterprise as a whole. In the Permissions dialog we can add our Enterprise Administrators group, and make sure that the Everyone group has only Read permissions.

It's here that you would assign the Everyone group Full Control to provide a non-secured small office-type environment if this was appropriate to your business.

Enterprise Auditing

In the same Properties dialog we can set up the auditing defaults for the enterprise by adding users and groups to the list and setting the checkboxes for the events we want to audit:

General Enterprise Defaults

Still in the Properties dialog, we can use the General and MQIS Defaults tabs to set other global options for the enterprise. These include the replication intervals between internal (intra-site) and external (inter-site) machines in the enterprise, and the lifetime (or timeout) for all messages. The default intra-site interval is 2 seconds, and the default inter-site interval is 10 seconds, but the ideal settings depend on the traffic levels and latency of your networks. The lifetime of messages is 90 days, but you can reduce it to a number of hours if this is appropriate for your applications. One nice touch is that when you change the setting in the drop-down list, it converts the number of days into hours and vice-versa. You can throw your calculator away now:

Setting Properties for a Site

In the Properties dialog for each site within the enterprise you set the permissions and control audit events for that site—in exactly the same way as for the enterprise. In this case, however, you'll add the Site Administrators group to the Permissions dialog (and the Enterprise Administrators group if they are not also members of the Site Administrators group). We've also provided special access permissions to another group that maintains the site. They have restricted permissions compared to the Site Administrators:

Setting the Type of Access for an account or group to Special Access opens the Special dialog (you can also double-click the account name). Here we're allowing Maintenance users to carry out a subset of the tasks available for a site:

Setting Route Connection Costs

You'll recall that in Chapter 5 we discussed the way that MSMQ can 'cost' routes so as to distribute messages in the most efficient way. This is set up for each site in the Connections dialog. Here we're adding routes and costs for a fictitious enterprise that spans the USA:

This dialog is also used to define Site Gates between one enterprise and another. For more information on route costs and Site Gates, check out the MSMQ Help files. A series of topics under Routing, in the Understanding MSMQ section of the Administrators Guide, contains information on all the message routing options.

Setting Properties for a Queue

In MSMQ Explorer we can also set and change the properties for a queue. As well as the usual Security settings, there is a page where we can specify the total maximum size for messages and journals, and control whether the queue will accept only Authenticated messages (when unchecked, the queue will accept both authenticated and unauthenticated messages). We can also set the Privacy Level of the queue and the Base Priority here:

As we saw back in Chapter 5, the priority of a message controls the order in which it will be delivered, compared with the other messages that have different priority settings. Messages with the highest priority are delivered first. If no priority is specified when the message is created, the value of Base Priority is assigned to it.

The setting for Privacy Level determines whether messages sent to the queue can be encrypted. Optional means that the queue will accept both encrypted and unencrypted messages. Body means that all messages sent to this queue must be encrypted, and any attempts to send one that isn’t will result in an error.

The Transactional option is only enabled if we create the queue as a transactional queue in the first place.

A queue's properties can be set in code when you create a queue dynamically within your application (i.e. when you are the owner of the queue). We'll see how this is done in the next section.
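The following script is an added example, not code from this book. It creates a queue with the strict settings described above, then lists every public queue that still accepts unauthenticated or unencrypted messages. It assumes the MSMQ COM components are installed and that it is run with cscript; the queue path, label and quota values are constructed sample values.

```vbscript
Option Explicit

' Values from the MSMQ COM type library, redeclared here because
' VBScript cannot import type-library constants.
Const MQ_AUTHENTICATE = 1        ' queue accepts only authenticated messages
Const MQ_PRIV_LEVEL_BODY = 2     ' queue accepts only encrypted messages

' Returns a description of the weak settings on a queue, or "" if there are none.
Function WeakSettings(qi)
    Dim s : s = ""
    If qi.Authenticate <> MQ_AUTHENTICATE Then s = s & " accepts unauthenticated messages;"
    If qi.PrivLevel <> MQ_PRIV_LEVEL_BODY Then s = s & " accepts unencrypted messages;"
    WeakSettings = s
End Function

' 1. Create a queue with the strict settings (constructed sample path and label).
Dim newQ
Set newQ = CreateObject("MSMQ.MSMQQueueInfo")
newQ.PathName = ".\ExampleSecureOrders"
newQ.Label = "Example secure orders"
newQ.Authenticate = MQ_AUTHENTICATE     ' same as checking Authenticated
newQ.PrivLevel = MQ_PRIV_LEVEL_BODY     ' same as Privacy Level = Body
newQ.BasePriority = 0                   ' used when a message sets no priority
newQ.Quota = 10240                      ' maximum message storage, in KB
newQ.JournalQuota = 2048                ' maximum journal storage, in KB

On Error Resume Next
newQ.Create False, False                ' IsTransactional, IsWorldReadable
If Err.Number <> 0 Then
    WScript.Echo "Create failed: 0x" & Hex(Err.Number) & " " & Err.Description
End If
On Error GoTo 0

' 2. Report each public queue whose settings are weaker than the ones above.
Dim query, queues, qi, findings
Set query = CreateObject("MSMQ.MSMQQuery")
Set queues = query.LookupQueue()        ' no criteria: all public queues
queues.Reset
Set qi = queues.Next
Do Until qi Is Nothing
    findings = WeakSettings(qi)
    If findings <> "" Then WScript.Echo qi.PathName & ":" & findings
    Set qi = queues.Next
Loop
```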

© 1998 by Wrox Press. All rights reserved.