To answer your questions:
- Is it possible to secure the bus to prevent 3rd party apps from sending data?
The Azure one and the Windows Server Service Bus use security tokens to secure the access. Unless you want to explicitly allo unauthenticated users to access your Service Bus (why would you?). You can read more on Authenticating and Authorizing Service bus here.
- Is there built in support to prevent/detect forged messages, or should i implement my own signature hash on the packet contents?
Nope. But there is built-in
support for Authenticating and Authorizing. So unless you think anyone has stolen your SB credentials, all messages should be reliable
. And if someone has stolen your SB credentials, most probably he/she has also stolen your hashing/signing algorithm and can generate system-valid message, so I would not bother for this part.