Difference between revisions of "Shooting MSMQ troubles"

From Catglobe Wiki
Jump to: navigation, search
Line 9: Line 9:
 
*cattask_queue#timeout (timeout messages come here)
 
*cattask_queue#timeout (timeout messages come here)
  
'''TODO''': explain those queues in more details.
+
'''TODO''': explain those queues in more details.  
  
At the moment, the main queue is created by hand, while the rest are created by the Rhino Service Bus itself. The point is that in order to access the queues, Rhino Service Bus needs to have enough permission to the queues. So, what specifies the access rights which RSB has to the queues? A bus creates some threads to process messages, and those threads don't use impersonation at all. In other words, it uses the default '''Identity '''of the hosting process; for example ASPNET in Windows XP or NETWORK SERVICE in Windows Server 2003.
+
Those queues, if not exists, are created by the bus itself. The point is that in order to access the queues, Rhino Service Bus needs to have enough permission to the queues. So, what specifies the access rights which RSB has to the queues? A bus creates some threads to process messages, and those threads don't use impersonation at all. In other words, it uses the default '''Identity '''of the hosting process; for example ASPNET in Windows XP or NETWORK SERVICE in Windows Server 2003. By default, RSB just grants full access for the Administrator group. To overcome this security issue, right now, I change RSB code to grant access for the Everyone user. Although granting for Everyone is not a good idea, it is working now.
 
 
Thus, when setting up a new Cattask (site) in a machine, remember to grant Full access to all the queues for those accounts.
 
  
 
'''TODO''': Change code so that appropriate access is automatically granted to those queues for relevant users.
 
'''TODO''': Change code so that appropriate access is automatically granted to those queues for relevant users.

Revision as of 10:10, 7 October 2009

Permission

- One Cattask needs 5 queues in total to work properly:

  • cattask_queue (main queue)
  • cattask_queue#discarded (discarded messages come here)
  • cattask_queue#errors (error messages come here)
  • cattask_queue#subscriptions (subscriptions messages come here)
  • cattask_queue#timeout (timeout messages come here)

TODO: explain those queues in more details.

Those queues, if not exists, are created by the bus itself. The point is that in order to access the queues, Rhino Service Bus needs to have enough permission to the queues. So, what specifies the access rights which RSB has to the queues? A bus creates some threads to process messages, and those threads don't use impersonation at all. In other words, it uses the default Identity of the hosting process; for example ASPNET in Windows XP or NETWORK SERVICE in Windows Server 2003. By default, RSB just grants full access for the Administrator group. To overcome this security issue, right now, I change RSB code to grant access for the Everyone user. Although granting for Everyone is not a good idea, it is working now.

TODO: Change code so that appropriate access is automatically granted to those queues for relevant users.