我在单个SqlServer实例中有2个数据库。 我需要使用ServiceBroker服务从一个数据库向另一个数据库发送消息。 如果不在数据库上将TRUSTWORTHY设置为“ON”,怎么办呢,因为在我的情况下,由于安全风险,这不是一个选项?
答案 0 :(得分:5)
您必须使用证书设置对话框安全性,请参阅Certificates for Dialog Security:
为发起人服务所有者创建并导出证书(可能是dbo)
USE <initiatordb>;
CREATE CERTIFICATE [<initiatorservicename>] AUTHORIZATION [<initiatorserviceowner>] WITH SUBJECT = '<initiatorservicename>';
BACKUP CERTIFICATE [<initiatorservicename>] TO FILE = 'c:\temp\<initiatorservicename>.cer';
为目标服务做同样的事情:
USE <targetdb>;
CREATE CERTIFICATE [<targetservicename>] AUTHORIZATION [<targetserviceowner>] WITH SUBJECT = '<targetservicename>';
BACKUP CERTIFICATE [<targetservicename>] TO FILE = 'c:\temp\<targetservicename>.cer';
在目标数据库中导入启动器服务所有者的证书,为其创建代理用户并授予SEND权限:
USE <targetdb>;
CREATE USER [<initiatorserviceproxyuser>] WITHOUT LOGIN;
CREATE CERTIFICATE [<initiatorservicename>] AUTHORIZATION [<initiatorserviceproxyuser>] FROM FILE='c:\temp\<initiatorservicename>.cer'
GRANT SEND ON SERVICE::[<targetservicename>] TO [<initiatorserviceproxyuser>];
在启动器数据库中导入目标服务所有者的证书,为其创建代理用户并映射远程服务绑定:
USE <initiatordb>;
CREATE USER [<targetserviceproxyuser>] WITHOUT LOGIN;
CREATE CERTIFICATE [<targetservicename>] AUTHORIZATION [<targetserviceproxyuser>] FROM FILE='c:\temp\<targetservicename>.cer'
CREATE REMOTE SERVICE BINDING [<targetservicename>] WITH SERVICE_NAME = '<targetservicename>', USER = [<targetserviceproxyuser>];
我从内存中输入了所有这些内容,我希望我的语法正确。