如何:設定完整對話安全性的起始服務 (Transact-SQL)
對於裝載起始服務之資料庫中存在遠端服務繫結的服務,SQL Server 會對任何與該服務的交談使用對話安全性。如果裝載目標服務的資料庫包含與建立對話之使用者相對應的使用者,且遠端服務繫結未指定匿名安全性,則對話會使用完整安全性。
若要確定起始服務使用對話安全性,可以建立該服務的遠端服務繫結。若要讓 SQL Server 使用完整安全性,遠端服務繫結不能指定匿名安全性,且目標資料庫必須設定對此服務使用完整安全性。
若要設定起始服務以取得完整對話安全性
從受信任來源取得遠端資料庫中目標服務擁有者的憑證。通常,這涉及使用加密的電子郵件傳送憑證,或在實體媒體 (如磁片) 上傳送憑證。
安全性注意事項 僅安裝來自受信任來源的憑證。
[!附註]
憑證必須使用資料庫的主要金鑰加密。如需詳細資訊,請參閱<CREATE MASTER KEY (Transact-SQL)>。
為遠端服務建立不含登入的使用者。
安裝遠端服務使用者的憑證。前一步驟中建立的使用者會擁有憑證。
建立遠端服務繫結,以指定遠端服務使用者和服務。
建立要擁有本機服務的使用者,不含登入。
建立本機服務的憑證。前一步驟中建立的使用者會擁有憑證。
[!附註]
憑證必須使用資料庫的主要金鑰加密。如需詳細資訊,請參閱<CREATE MASTER KEY (Transact-SQL)>。
備份憑證。
安全性注意事項 僅備份此使用者的憑證。請勿備份或散發與憑證關聯的私密金鑰。
向遠端資料庫的資料庫管理員提供起始服務的憑證和名稱。例如,您可以藉由將憑證置於檔案共用,在實體媒體 (磁片或 CD-ROM) 上交換憑證,或透過安全的電子郵件交換憑證。
[!附註]
若要讓 SQL Server 使用完整對話安全性,憑證必須安裝在遠端資料庫中,且步驟 7 中建立的使用者必須是開始交談的使用者。
範例
USE AdventureWorks ;
GO
--------------------------------------------------------------------
-- The first part of the script configures security to allow the
-- remote service to send messages in this database. The script creates
-- a user in this database, loads the certificate for the remote service,
-- grants permission to the user, and creates a remote service binding.
-- Given a certificate for the owner of the remote target service
-- SupplierOrders, create a remote service binding for
-- the service. The remote user will be granted permission
-- to send messages to the local service OrderParts.
-- This example assumes that the certificate for the service
-- is saved in the file'C:\Certificates\SupplierOrders.cer' and that
-- the initiating service already exists.
-- Create a user without a login. For convenience,
-- the name of the user is based on the name of the
-- the remote service.
CREATE USER [SupplierOrdersUser]
WITHOUT LOGIN ;
GO
-- Install a certificate for a user
-- in the remote database. The certificate is
-- provided by the owner of the remote service. The
-- user for the remote service owns the certificate.
CREATE CERTIFICATE [SupplierOrdersCertificate]
AUTHORIZATION [SupplierOrdersUser]
FROM FILE='C:\Certificates\SupplierOrders.cer' ;
GO
-- Create the remote service binding. Notice
-- that the user specified in the binding
-- does not own the binding itself.
-- Creating this binding specifies that messages from
-- this database are secured using the certificate for
-- the [SupplierOrdersUser] user.
-- When the anonymous option is omitted, anonymous is OFF.
-- Therefore, the credentials for the user that begins
-- are used in the remote database.
CREATE REMOTE SERVICE BINDING [SupplierOrdersBinding]
TO SERVICE 'SupplierOrders'
WITH USER = [SupplierOrdersUser] ;
GO
--------------------------------------------------------------------
-- The second part of the script creates a local user that will begin
-- conversations to the remote service. The certificate for this
-- user must be provided to the owner of the remote service.
-- Create a user without a login for the local service.
CREATE USER [OrderPartsUser]
WITHOUT LOGIN ;
GO
-- Create a certificate for the local service.
CREATE CERTIFICATE [OrderPartsCertificate]
AUTHORIZATION [OrderPartsUser]
WITH SUBJECT = 'Certificate for the order service user.';
GO
-- Make this user the owner of the initiator service.
ALTER AUTHORIZATION ON SERVICE::OrderParts TO OrderPartsUser
-- Backup the certificate for the user that initiates the
-- conversation. This example assumes that the certificate
-- is named OrderServiceCertificate.
BACKUP CERTIFICATE [OrderPartsCertificate]
TO FILE = 'C:\Certificates\OrderParts.cer' ;
GO
-- Grant RECEIVE permissions on the queue for the service.
-- This allows the local user to begin conversations from
-- services that use the queue.
GRANT RECEIVE ON [OrderPartsQueue] TO [OrderPartsUser] ;
GO