实现远程服务器的Service Broker

于 2017-09-14 14:52:49 发布
阅读量824 收藏
点赞数 1
分类专栏: SqlServer/Access
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/litao2/article/details/77980327
版权
本文介绍了如何通过启用传输安全、对话安全模式,创建路由和远程绑定来实现基于Windows身份验证或证书的远程服务器Service Broker通信。
摘要由CSDN通过智能技术生成

为了实现跨越服务器通信,可以通过Windows身份验证或基于证书的身份验证,启用传输安全模式、启用对话安全模式、创建路由、创建远程绑定。

--在实例1上
use master
go

if exists(select 1 from sys.databases where name = 'bookstore')
	drop database bookstore
else
	create database bookstore
go

--开启service broker
alter database bookstore set enable_broker
--指明 SQL Server 实例是否信任该数据库以及其中的内容。
alter database bookstore set trustworthy on 


use bookstore
go

create message type [//BookConsulting/SendBookOrder]
validation = well_formed_xml
go

create message type [//BookConsulting/BookOrderReceived]
validation = well_formed_xml
go


create contract [//BookConsulting/BookOrderContract]
(
	[//BookConsulting/SendBookOrder] sent by initiator,
	[//BookConsulting/BookOrderReceived] sent by target
)
go



create queue BookStoreQueue
with status = on


create service [//BookConsulting/BookOrderService]
on queue dbo.BookStoreQueue
(
	[//BookConsulting/BookOrderContract]
)

--在实例2上
use master
go

if exists(select 1 from sys.databases where name = 'bookdistribution')
	drop database bookdistribution
else
	create database bookdistribution
go


alter database bookdistribution set enable_broker

alter database bookdistribution set trustworthy on


use bookdistribution
go

create message type [//BookConsulting/SendBookOrder]
validation = well_formed_xml
go

create message type [//BookConsulting/BookOrderReceived]
validation = well_formed_xml
go


create contract [//BookConsulting/BookOrderContract]
(
	[//BookConsulting/SendBookOrder] sent by initiator,
	[//BookConsulting/BookOrderReceived] sent by target
)
go



create queue BookDistributionQueue
with status = on


create service [//BookConsulting/BookDistributionService]
on queue dbo.BookDistributionQueue
(
	[//BookConsulting/BookOrderContract]
)

--实例1
use master 
go


--1.删除已经存在的数据库主密钥
drop master key


--2.创建数据库主密钥
create master key encryption by password = '123456!@#'


--3.创建证书
create certificate bookMasterCert
with subject = 'book Transport Security Service Broker',
	 expiry_date = '2050-12-31' 


--4.备份证书
backup certificate bookMasterCert
to file = 'd:\bookMasterCert.cer'
go

select * from sys.database_mirroring_endpoints 

--5.创建端点
create endpoint service_broker_book_endpoint
state = started
--需要提供传输协议(TCP 或 HTTP)特定的信息,设置端点的侦听端口号,以及设置端点身份验证的方法和/或要限制访问端点的 IP 地址列表(如果有的话)。
as tcp (listener_port = 4020)
--在此部分中,需要定义端点上所支持的负载。
--负载可以为以下多种支持类型中的一种:SOAP、Transact-SQL、Service Broker、数据库镜像。
for service_broker (
						authentication = certificate bookMasterCert,--证书
						encryption = required --密钥
                   )



--6.创建SQL Server的登录名
create login service_broker_login
with password = 'service_broker_login123'


--7.创建数据库用户名
create user service_broker_user
for login service_broker_login


--8.授予数据库用户可以连接端点
grant connect on endpoint::service_broker_book_endpoint 
              to service_broker_login


--9.通过另一个实例复制到本地服务器上的证书文件,来创建证书
create certificate bookDistributionMasterCert
authorization service_broker_user
from file = 'd:\bookDistributionMasterCert.cer'
go


--实例2
use master 
go


--删除数据库主密钥
drop master key

create master key encryption by password = '123456&^%'


create certificate bookDistributionMasterCert
with subject = 'bookDistribution Transport Security Service Broker',
	 expiry_date = '2080-12-31' 


backup certificate bookDistributionMasterCert
to file = 'e:\bookDistributionMasterCert.cer'


create endpoint service_broker_bookdistribution_endpoint
state = started
as tcp (listener_port = 4021)
for service_broker (
						authentication = certificate bookDistributionMasterCert,
						encryption = required
                   )


create login service_broker_login
with password = 'service_broker_login123'


create user service_broker_user
for login service_broker_login


grant connect on endpoint::service_broker_bookdistribution_endpoint 
              to service_broker_login


use master 
go
create certificate bookMasterCert
authorization service_broker_user
from file = 'd:\bookMasterCert.cer'
go


--实例1
use bookstore
go

--drop master key
--1.创建数据库主密钥
create master key encryption by password = '123456!@#'  
--查看创建的主密钥
select * from sys.symmetric_keys

--2.创建证书,这里可以给当前数据库用户创建多个证书,不会有影响
--当接收到其他服务器传送过来的消息时,可以用这个证书来解密消息
create certificate BookStoreCert
with subject = 'BookStore service broker cert',
     expiry_date = '2080-12-31'


--3.备份证书
backup certificate bookstorecert
to file = 'd:\bookstorecert.cer'
go


--4.创建数据库用户,此用户只可以有一个证书
create user bookDistributionUser
without login
go


--5.通过从另一个实例复制过来的证书,来创建证书,并指定所有者为此用户
create certificate bookDistributionCert
authorization bookDistributionUser        --此用户只能拥有一个证书,
                                          --在发送消息时会用这个证书来加密消息
from file = 'd:\bookDistributionCert.cer'


--6.授予此用户名在某个服务上发送的权限
grant send on service::[//BookConsulting/BookOrderService] to bookDistributionUser
go


--7.创建路由
create route route_bookDistribution
with service_name = '//BookConsulting/BookDistributionService',
     address = 'tcp://192.168.5.9:4021'


--8.创建远程绑定
create remote service binding bookDistributionBinding
to service '//BookConsulting/BookDistributionService'
with user = bookDistributionUser


--9.开始会话,发送消息
declare @conversation_handler uniqueidentifier
declare @order_msg xml;


begin dialog conversation @conversation_handler
from service [//BookConsulting/BookOrderService]
to service '//BookConsulting/BookDistributionService'
on contract [//BookConsulting/BookOrderContract]


set @order_msg = 
	'<order id="1234" customer="22" orderdate="2012-10-01">
	<LineItem ItemNumber="1" ISBN="1-12345-123-0" Quantity="1" />
	</order>
	';


--send语句可以发送消息	
send on conversation @conversation_handler
message type [//BookConsulting/SendBookOrder]
(@order_msg);



--启用对话安全模式
--实例2
use bookdistribution
go

create master key encryption by password = '123456&^%'  


--当接收到对方发送的消息后,用此证书来解密
create certificate BookDistributionCert
with subject = 'BookDistribution service broker cert',
     expiry_date = '2080-12-31'


backup certificate bookDistributioncert
to file = 'd:\bookDistributioncert.cer'


create user bookStoreUser
without login


--在发送之前,用此证书来加密消息
create certificate bookStoreCert
authorization bookStoreUser
from file = 'd:\bookStoreCert.cer'


grant send on service::[//BookConsulting/BookDistributionService] to bookStoreUser


create route route_bookStore
with service_name = '//BookConsulting/BookOrderService',
     address = 'tcp://192.168.5.6:4020'


create remote service binding bookStoreBinding
to service '//BookConsulting/BookOrderService'
with user = bookStoreUser


--查询消息
SELECT *
FROM dbo.bookdistributionqueue

tiz198183
关注
专栏目录
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

tiz198183

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值