如何将起始服务配置为使用完全对话安全模式 (Transact-SQL)
如果承载发起服务的数据库中存在某服务的远程服务绑定,那么,SQL Server对与该服务的任何会话均使用对话安全模式。如果数据库的宿主目标服务包含的用户对应于创建该对话的用户,而且远程服务绑定没有指定匿名安全模式,则该对话使用完全安全模式。
若要确保起始服务使用对话安全模式,则应为该服务创建远程服务绑定。为了使 SQL Server 使用完全安全模式,远程服务绑定不能指定匿名安全模式,而且目标数据库必须配置为对此服务使用完全安全模式。
将起始服务配置为使用完全对话安全模式
获取目标服务的所有者的证书,该目标服务位于来自可信源的远程数据库中。这通常会涉及到使用加密电子邮件发送证书或通过软盘等物理媒体传输证书。
.gif "ms166037.security(zh-cn,SQL.90).gif")
安全说明:只能安装来自可信来源的证书。 .gif "ms166037.note(zh-cn,SQL.90).gif")
注意:证书必须使用数据库的主密钥进行加密。有关详细信息,请参阅 CREATE MASTER KEY (Transact-SQL)。 为远程服务创建一个用户,该用户创建后不登录。
为该远程服务用户安装证书。上一步中创建的用户拥有该证书。
创建指定该远程服务用户和该服务之间关系的远程服务绑定。
创建一个拥有该本地服务的用户,该用户创建后不登录。
为本地服务创建一个证书。上一步中创建的用户拥有该证书。
注意:证书必须使用数据库的主密钥进行加密。有关详细信息,请参阅 CREATE MASTER KEY (Transact-SQL)。 备份该证书。
安全说明:只需备份此用户的证书。请勿备份或分发与该证书关联的私钥。 为远程数据库的数据库管理员提供证书和发起服务的名称。例如,您可以使用软盘或 CD-ROM 等物理媒体交换证书,也可以将证书放在文件共享位置来交换证书,或通过受保护的电子邮件交换证书。
注意:为了使 SQL Server 使用完全对话安全模式,必须将证书安装在远程数据库上,而且在步骤 7 中创建的用户必须是启动会话的用户。
示例
USE AdventureWorks ;
GO
--------------------------------------------------------------------
-- The first part of the script configures security to allow the
-- remote service to send messages in this database. The script creates
-- a user in this database, loads the certificate for the remote service,
-- grants permission to the user, and creates a remote service binding.
-- Given a certificate for the owner of the remote target service
-- SupplierOrders, create a remote service binding for
-- the service. The remote user will be granted permission
-- to send messages to the local service OrderParts.
-- This example assumes that the certificate for the service
-- is saved in the file'C:\Certificates\SupplierOrders.cer' and that
-- the initiating service already exists.
-- Create a user without a login. For convenience,
-- the name of the user is based on the name of the
-- the remote service.
CREATE USER [SupplierOrdersUser]
WITHOUT LOGIN ;
GO
-- Install a certificate for a user
-- in the remote database. The certificate is
-- provided by the owner of the remote service. The
-- user for the remote service owns the certificate.
CREATE CERTIFICATE [SupplierOrdersCertificate]
AUTHORIZATION [SupplierOrdersUser]
FROM FILE='C:\Certificates\SupplierOrders.cer' ;
GO
-- Create the remote service binding. Notice
-- that the user specified in the binding
-- does not own the binding itself.
-- Creating this binding specifies that messages from
-- this database are secured using the certificate for
-- the [SupplierOrdersUser] user.
-- When the anonymous option is omitted, anonymous is OFF.
-- Therefore, the credentials for the user that begins
-- are used in the remote database.
CREATE REMOTE SERVICE BINDING [SupplierOrdersBinding]
TO SERVICE 'SupplierOrders'
WITH USER = [SupplierOrdersUser] ;
GO
--------------------------------------------------------------------
-- The second part of the script creates a local user that will begin
-- conversations to the remote service. The certificate for this
-- user must be provided to the owner of the remote service.
-- Create a user without a login for the local service.
CREATE USER [OrderPartsUser]
WITHOUT LOGIN ;
GO
-- Create a certificate for the local service.
CREATE CERTIFICATE [OrderPartsCertificate]
AUTHORIZATION [OrderPartsUser]
WITH SUBJECT = 'Certificate for the order service user.';
GO
-- Make this user the owner of the initiator service.
ALTER AUTHORIZATION ON SERVICE::OrderParts TO OrderPartsUser
-- Backup the certificate for the user that initiates the
-- conversation. This example assumes that the certificate
-- is named OrderServiceCertificate.
BACKUP CERTIFICATE [OrderPartsCertificate]
TO FILE = 'C:\Certificates\OrderParts.cer' ;
GO
-- Grant RECEIVE permissions on the queue for the service.
-- This allows the local user to begin conversations from
-- services that use the queue.
GRANT RECEIVE ON [OrderPartsQueue] TO [OrderPartsUser] ;
GO
请参阅
任务
如何将目标服务配置为使用完全对话安全模式 (Transact-SQL)
如何为本地服务配置权限 (Transact-SQL)
其他资源
CREATE LOGIN (Transact-SQL)
CREATE USER (Transact-SQL)
CREATE REMOTE SERVICE BINDING (Transact-SQL)
加密层次结构