Share via


MSMQMessage.IsAuthenticated2

 

Applies To: Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server Technical Preview, Windows Vista

(Introduced in MSMQ 3.0.) The IsAuthenticated2 property of the MSMQMessage object indicates whether the message was authenticated at the request of the sending application.

MSMQMessage.IsAuthenticated2 is a Boolean property that supersedes the non-Boolean MSMQMessage.IsAuthenticated property.

Data type: Boolean
Run-time access: Read-only
Property IsAuthenticated2 As Boolean  

Property Value

A Boolean set to one of the values:

True (-1)

The sending application requested authentication. The destination queue manager authenticated the message when it accepted the message.

False (0)

The sending application did not request authentication. The destination queue manager did not attempt to authenticate the message when it accepted the message.

Remarks

IsAuthenticated2 is used by the receiving application to determine whether the sending application requested authentication (see also, MSMQMessage.ReceivedAuthenticationLevel. If authentication was requested and the message is in the queue, then the receiving application can assume that the message was authenticated.

Note

It is not possible to look at the properties of a message and determine if a message failed authentication. Messages that fail authentication are discarded and are not delivered to the queue.

Message Queuing can use three different types of digital signatures to authenticate non-SRMP messages: MSMQ 1.0 signatures, MSMQ 2.0 signatures, and multiple-destination digital signatures (introduced in MSMQ 3.0). By default, a computer running MSMQ 3.0 accepts all three types of signatures. The following registry entry, which is not present by default, specifies what type of signature is accepted by a receiving computer.

HKLM\SOFTWARE\Microsoft\MSMQ\Parameters\Security\RcvOnlyEnhMsgAuthn  

To change the default behavior of an MSMQ 3.0 computer, set this entry to one of the following values.

To Set the registry entry to
Accept MSMQ 1.0, MSMQ 2.0, and multiple-destination digital signatures on a computer running MSMQ 3.0 0
Accept MSMQ 2.0 and multiple-destination digital signatures on a computer running MSMQ 3.0 1

By default, a source computer uses only the MSMQ 1.0 signature to sign non-SRMP messages. Therefore, for compatibility, when you set this registry entry so that a receiving computer will not accept MSMQ 1.0 signatures, make sure that you reset the applicable registry entry on the source computer as well. For more information, see Digital Signature Registry Entries and MSMQMessage.AuthLevel.

IsAuthenticated2 supersedes MSMQMessage.IsAuthenticated and should be used whenever possible. IsAuthenticated2 returns Boolean values that are consistent with the Microsoft® Visual Basic® Boolean data type. Otherwise, both properties are functionally equivalent.

To check what type of digital signature was used to sign the message, the receiving application must look at the MSMQMessage.ReceivedAuthenticationLevel property of the message.

In C++ COM applications, you must use a smart pointer to the IMSMQMessage3 interface to expose the IsAuthenticated2 property.

Equivalent API Function Property

With API function calls, the equivalent property is PROPID_M_AUTHENTICATED.

Requirements

Windows NT/2000/XP: Included in Windows XP and Windows Server 2003.

Windows 95/98/Me: Unsupported.

Header: Declared in Mqoai.h.

Library: Use Mqoa.lib

See Also

MSMQMessage
MSMQMessage.ReceivedAuthenticationLevel
PROPID_M_AUTHENTICATED