HostTrusted Attribute?

Hi all,

While I was checking the bindings file, I found that there is a boolean attribute named HostTrusted on the SendHandler tag.

Do you have any idea about the usefulness of this attribute?

<SendHandler Name="BizTalk*****" HostTrusted="false">
  <TransportType Name="nsoftware.SFTP v3" Capabilities="****" ConfigurationClsid="****" />
</SendHandler>


  • Edited by Aheriz Thursday, January 09, 2014 11:36 AM Changing title
January 9th, 2014 2:35pm

A BizTalk Host must be configured as trusted in order to write a sender's identification information to a message's context. If the message will be routed through components running in other hosts, the subsequent hosts must be configured as trusted to see the sender's identification information.

I hope this will help you

  • Marked as answer by Aheriz Friday, January 10, 2014 11:02 AM
January 9th, 2014 2:42pm

That attribute defines the "Trust" settings of the Host Instance as defined on the system where the Binding was generated. If the binding was generated through "Add Adapter" then it is likely to be "False".

When importing the bindings, however, these settings, if they "do not match" those on the deployment system, will cause the import of the bindings to fail. If the host instance does not match, it is OK, as depending on the "Default Handler" Host Instance on the destination, the bindings will get imported. If on the destination system there is a matching Host Instance, then the Trust should be the same.

For understanding the importance of the attribute per se at the Host Level, refer to http://msdn.microsoft.com/en-us/library/aa562062.aspx as it has to do with message security between the various host instances. So if message security is important and following guidelines, w.r.t. Hosts (sending, processing and receiving), the hosts should be "Trusted". Also AFAIK, this attribute can be changed post creation.

Regards.

  • Marked as answer by Aheriz Friday, January 10, 2014 11:02 AM
January 9th, 2014 2:45pm
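A pre-import check for the mismatch described in the reply above, as an added example that is not part of the original thread: it reads each SendHandler's HostTrusted value from a bindings file and compares it with the trust setting of the same-named host on the destination. The sample XML, the host and port names, and the DESTINATION_HOSTS dictionary are constructed for illustration; real destination values have to be read from the target BizTalk group.

```python
import xml.etree.ElementTree as ET

# Constructed sample binding fragment (port and host names are made up).
SAMPLE_BINDING = """\
<BindingInfo><SendPortCollection>
  <SendPort Name="SendOrders"><PrimaryTransport>
    <SendHandler Name="SendHostA" HostTrusted="false" />
  </PrimaryTransport></SendPort>
  <SendPort Name="SendInvoices"><PrimaryTransport>
    <SendHandler Name="SendHostB" HostTrusted="true" />
  </PrimaryTransport></SendPort>
  <SendPort Name="SendAudit"><PrimaryTransport>
    <SendHandler Name="SendHostC" HostTrusted="false" />
  </PrimaryTransport></SendPort>
</SendPortCollection></BindingInfo>
"""

# Constructed trust settings of the hosts that exist on the destination system.
DESTINATION_HOSTS = {"SendHostA": False, "SendHostB": False}


def check_host_trust(binding_xml, destination_hosts):
    """Return (send port, host, status) for every SendHandler in the binding."""
    results = []
    for port in ET.fromstring(binding_xml).iter("SendPort"):
        for handler in port.iter("SendHandler"):
            host, raw = handler.get("Name"), handler.get("HostTrusted")
            if raw is None:
                status = "attribute-missing"   # nothing to compare
            elif host not in destination_hosts:
                status = "no-matching-host"    # reply above: default handler is used
            elif destination_hosts[host] == (raw.strip().lower() == "true"):
                status = "match"
            else:
                status = "trust-mismatch"      # reply above: import is expected to fail
            results.append((port.get("Name"), host, status))
    return results


if __name__ == "__main__":
    for row in check_host_trust(SAMPLE_BINDING, DESTINATION_HOSTS):
        print(*row, sep="\t")
```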

Hi Aheriz,

When a message is read from the channel, the receive adapter performs protocol-level authentication of the sender to identify the Windows user account that represents the sender of the message. The Windows user account is populated in the SSID (sender security ID) context property of the message. For example, if a message is posted on an HTTP channel using Windows authentication, then the authenticated Windows account becomes the SSID.

Hosts in BizTalk can be configured as Authentication Trusted.

If the host (under which the receive handler is running) is not configured as authentication trusted, then the message box overwrites the SSID with the service account of the receive handler host and the PID with the guest ID. SSID and PID are two context-level properties of messages.

Thanks

Abhishek

  • Proposed as answer by Abhishek0127 Thursday, January 09, 2014 12:35 PM
  • Marked as answer by Aheriz Friday, January 10, 2014 11:03 AM
January 9th, 2014 3:35pm

Basically, it allows the Windows SSID of the original sender to be included on messages it processes.

The SSID is the unique identifier Windows (AD) uses to identify users internally.

Usefulness? In a Service orchestration pattern, it can be useful, but I've never had occasion to set this to anything other than False.

  • Marked as answer by Aheriz Friday, January 10, 2014 11:03 AM
January 9th, 2014 4:24pm

This topic is archived. No further replies will be accepted.
