As quoted from http://msdn.microsoft.com/en-us/library/19ww660c(VS.71).aspx
Private queues are not published across the entire network. Instead they are available only on the local computer that contains them. Private queues can be accessed only by applications that know the full path name or label of the queue.
I've set up a private queue on a Windows 2008 web server running IIS (with no Active Directory).
My C# .NET web service running on the IIS server could read/write to the private queue, after I granted IIS_IUSRS both Receive and Send Message access for the queue.
I want to ensure that no external applications can access this private queue. So I wrote a C# console app that connected to the remote queue using
DIRECT=TCP:xxx.xxx.xxx.xxxx\private$\MyQueueName
However, when I attempt to connect I get back
Invalid queue path name.
Can somebody confirm that only my .NET web service has access to this private queue? My only other concern is that any .NET web service (running on this same IIS server) would be able to read this private queue, if they knew the name, since I had to grant IIS_IUSRS Read/Write access to the private queue.
Clarification on this issue and my security concerns would be appreciated.