IIS app pool access network MSMQ c#

Question

This is the scenario:

1. We have an IIS set up on server A configured with own app pool and an ASP.NET API
2. We have two configured MSMQ services one in server A and another in server B
3. We configured access to MSMQ to default app pool in server A (IIS and MSMQ are on the same server) and the permissions work fine, only app pool can send messages
4. We tried to set up the same for MSMQ at server B (and no messages are sent from API) 4.1 We set permissions in MSMQ Server B to all users still no messages can be sent from API ( but we can send messages from a winforms test app)

Has anyone faced similar situation? Are there any specific setup for this ?

BR

Geo

Answer 1

This sounds like The Double-Hop Problem and prohibits forwarding of client details from your server to another machine. The issue does not occur when you have IIS and MSMQ on the same machine since there's only one hop (user to server).

There's a lot more technical details published on this at How to use the System.DirectoryServices namespace in ASP.NET, which explains the double-hop issue, and primary and secondary tokens.