使用MSMQ远程队列

Question

I have running a MSMQ (Message Queuing System) on our web server (Windows 2008), which also has IIS 7.

We have a existing public accessible ASMX web service that takes in a Xml request, and writes the relevant data (unencrypted) in a message to the local MSMQ using the following code;

MessageQueue oMessageQueue = new MessageQueue(@"DIRECT=https://myip/private$/Orders");

try
{
  Order oOrder = new Order();       
  oOrder.Id = 1;    
  oOrder.ProductId = "XYZ-123";
  oOrder.Quantity = 2;
  oOrder.CardNumber = "1111222233334444";
  oOrder.CardExpiry = "2014-12";
  oOrder.CardCv2 = "123";
  oMessageQueue.Send(oOrder);
  return true;
}
catch(Exception ex)
{
   return false;
}

I have a Console app written in C# that needs to read the remote private queue, and process the messages. However I need to enforce the following

(1) All requests to the queue are made over HTTPS (the data contains sensitive card holder data)

(2) All requests to the queue are authenticated.

(3) Am I best querying the remote queue, or setting up a site to site connection between two messaging queues, and the local Console App access the local queue.

(4) Since the queue will temporary contain card holder data, should I encrypt the message in the queue

(5) How can I enforce that if the server hosting the MSMQ is restarted that the messages are stored and can still be processed

Can anyone offer some advice on the above ?

Answer 1

1) If you're using MSMQ 3.0 or later then HTTPS messaging is available

2) There are different approaches/limitations when it comes to authentication, I'd recommend you explore the documentation in-depth to make sure MSMQ can satisfy your needs, you can start here

3) My personal preference has always been to send to a remote queue and read locally but I think the 'best' approach would depend heavily on you solution architecture

4) Yes

5) Setting the Recoverable property on messages takes care of this, it impacts performance though