Administering COM+ Security (part 1) - Viewing the COM+ Catalogue, Populating COM+ Application Roles

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
In the previous section, we compiled and installed a COM+ application that contained our example component. We used .NET attributes to specify the COM+ security settings, but we need to complete the component configuration before the component can be used. In this section, we demonstrate how to assign roles to Windows user accounts and then continue to demonstrate how the COM+ administration tool can be used as an alternative to .NET attributes or as a means to alter the security configuration specified using attributes.

1. Viewing the COM+ Catalogue

The collection of COM+ applications installed on a computer is called the COM+ Catalogue. The catalogue is administered with the Component Services tool, which is included in the Administrative Tools section of the Windows Control Panels. Figure 1 shows the Component Services tool as it appears when first started.

Figure 1. The Component Services tool

Expand the Component Services tree and drill down to the COM+ catalogue for the local computer; Figure 2 shows the list of COM+ services for a standalone computer. The list of applications includes our example application (called SecurityProTracker, named after the assembly we created) as well as system applications that operate as part of Windows.

Figure 2. The COM+ catalogue

2. Populating COM+ Application Roles

Expand the SecurityProTracker item, and you will see details of the COM+ application that we created in the previous section. The Component Services explorer provides information grouped into Components, Legacy Components, and Roles. Expanding the Roles item lists the roles defined by the application, as shown in Figure 3.

Figure 3. The roles associated with the SecurityProTracker COM+ application

You will see icons representing the roles that we specified with the SecurityRole attribute; these roles are Developer, Manager, Tester, and User. You will also see another role, named Marshaler—see the sidebar for details. The COM+ system processed the attributes from our assembly to create these roles, but they are not yet assigned to user accounts, and so clients cannot access our component. In this section, we demonstrate the simple process of assigning roles to user accounts in order to complete the configuration of our example component.

Sidebar 1. The COM+ Marshaler Role

When you install a serviced component that uses the SecureMethod attribute, the COM+ system will automatically create the Marshaler role. The SecureMethod attribute indicates that you wish to apply RBS access control on individual methods defined by the component, so that, for example, users assigned the User role are able to access only the ViewAllDefects method.

The problem this creates is that users with this role have not been granted permission to create new instances of the component or to manage the disposal of component instances (because the constructor and the methods of the IDispose interface are not exposed to the Developer role).

When assigning a role that has been applied to individual methods, you should also assign the Marshaler role. Assigning the Marshaler role to a user account grants that account permission to create new instances of a component, and to call the methods defined by the System.IDisposable, System.IManagedObject, and System.EnterpriseServices.IServicedComponentInfo interfaces; in essence, assigning this role confers the right to create and manage instances of a serviced component.

To assign a COM+ role to a user account, expand the role to reveal the Users item, and right-click to display the menu shown in Figure 4.

Figure 4. Adding a new user to a COM+ role

Select the User item from the New menu to display the dialog box illustrated by Figure 5. Assign a role by typing the name of the user account into the text box—you can specify multiple accounts by separating the account names with a semi-colon. A useful feature is the ability to assign a role to a Windows group, which is equivalent to assigning the role to all of the individual accounts contained within the group. Figure 5 illustrates adding the users Tim, Tom, Tammy, and the group "QA Group" to the COM+ Tester role.

Figure 5. The Select Users or Groups dialog

Pressing the OK button in the Select Users or Groups dialog assigns the roles to the specified accounts and groups; Figure 6 shows the effect of adding Tim, Tom, Tammy, and the QA Group to the Tester role.

Figure 6. The accounts and groups assigned the COM+ Tester role
Top 10
Free Mobile And Desktop Apps For Accessing Restricted Websites
TOYOTA CAMRY 2; 2.5 : Camry now more comely
KIA SORENTO 2.2CRDi : Fuel-sipping slugger
How To Setup, Password Protect & Encrypt Wireless Internet Connection
Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
Backup & Restore Game Progress From Any Game With SaveGameProgress
Generate A Facebook Timeline Cover Using A Free App
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
- Messages forwarded by Outlook rule go nowhere
- Create and Deploy Windows 7 Image
- How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
- Creating and using an unencrypted cookie in ASP.NET
- Directories
- Poor Performance on Sharepoint 2010 Server
- SBS 2008 ~ The e-mail alias already exists...
- Public to Private IP - DNS Changes
- Send Email from Winform application
- How to create a .mdb file from ms sql server database.......
programming4us programming4us