Chapter 1 pointed out a number of issues the developer must face when working with COM. You also learned about DCOM issues and how they affect the distributed programming environment. COM+ relies on both of these technologies, so it shouldnt be too surprising to learn youll run into the same problems working with COM+ that you do working with either COM or DCOM. For example, making COM+ applications work across an Internet connection through a firewall is just as hard a task as it is with DCOM applications.
COM+ also includes a few problems of its own. As with COM and DCOM, many developers find COM+ daunting to learn. However, COM+
Another problem is that COM+ tends to change the rules. For example, when working with COM or DCOM, a developer was encouraged to allocate a resource and then hold onto it until every possible need was met. COM+ changes this rule by insisting the developer allocate a resource, use it as quickly as possible for the task at hand, and then release it. In sum, theres a contradiction in the way that COM and COM+ handle the same issue. This problem causes confusion in the developer communitymore confusion than even COM and DCOM created.
Note that Microsoft recognized some deficiencies in the COM and DCOM approach when they were creating the COM+ technology and worked to eliminate these deficiencies. Instead of using the straight connection found in COM and DCOM, COM+ relies on
One of the more important improvements in COM+ is the management features it provides. Youll learn about COM+ management in the Using the Component Services MMC Snap-In section that
Using the Component Services MMC snap-in is an essential part of the development process for COM+ applications. This snap-in helps you perform the following
Export an application proxy so that the client can access the component.
Help the developer or administrator set component security based on the roles users will play in application use.
The Component Services snap-in also provides support for the COM+ publish/subscribe event model. Finally, given the right application setup, the Component Services snap-in will log significant component events for you or you can add event logging support directly into the component. In short, this is the one utility you
The Component Services console shortcut appears in the Administrative Tools folder of the Control Panel. Starting this console displays a window similar to the one shown in Figure 2-1. Notice the console includes the Component Services, Event Viewer, and Services snap-ins. Component Services is where youll manage the COM+ applications you create. Event Viewer helps you to track any significant COM+ events. In most cases, youll use this area to view any errors the COM+ application records. Finally, Services will help you to work with the various operating system services installed on the target machine.
Figure 2-1: Component Services is the main utility that youll use for installing and managing COM+ components.
As with most MMC snap-ins, in the left (scope) pane Component Services uses a hierarchical display (similar to the one found in Windows Explorer) and a detailed view of the highlighted item in the right (results) pane. Most of the icons in this view have context menus you can access with a right click, just as you would with most Microsoft Windows applications. The context
Both Event Viewer and Services let you view a single machine. You can choose the machine you want to view by right-clicking the appropriate folder, and then choosing Connect To Another Computer from the context menu. Youll see the Select Computer dialog box as shown in Figure 2-2. The Browse button helps you select any available computer on the network, including servers that you have rights to access. Click OK, and Windows will connect you to the specified computer.
Figure 2-2: The Select Computer dialog box allows you to choose another computer to view.
Component Services allows you to view more than one computer at a time. This feature helps you to move COM+ applications from one machine to another in the same way youd move files using Windows Explorer. You can add a computer to Component Services by right-clicking the Computers folder, and clicking New and then Computer in the context menu. Youll see an Add Computer dialog box. As with the Select Computer dialog box, you can use the Browse button to find other computers on the network.
The actual content of the Component Services snap-in can vary by operating system version. Figure 2-1 shows the four folders that Windows XP users can access:
Distributed Transaction Coordinator
Windows 2000 users will normally see the COM+ Applications and Distributed Transaction Coordinator folders (as shown in the WinServer entry in Figure 2-3), which are the two folders we need to discuss in this chapter. Lets begin with the COM+ Applications folder. Servers normally have more default applications than workstations do because they have more COM+ roles to fulfill. Figure 2-3 shows a comparison between the default applications for a workstation (My Computer) and for a server (WinServer). Note that Component Services uses a different icon for a local connection than it does for a remote connection so that you can easily see when youre working with the local machine.
Figure 2-3: Component Services will allow you to work with more than one machine at a time.
COM+ applications contain at least two folders: Components and Roles. A Windows XP installation adds a Legacy Components folder to the mix. Roles are a security requirement for a particular component, interface, or method. Well talk about roles in the Adding Security to a COM+ Application section later in the chapter. For now, lets talk about the construction of COM+ applications from the component perspective.
Components contain one or more interfaces. Each interface contains one or more methods.
Each application level provides property settings that modify that levels behavior. For example, you can set role-based security parameters for a COM+ application at the application, component, interface, and method levels. This means you get a very fine level of control over the behavior of an application. Not every level has the same settings because every level
Building a COM+ application doesnt require any programming once you create the required components. However, COM+ applications dont just appear on your server because youve created all the required components. You need to use a wizard to create an empty COM+ application. Once you have the application in place, you can add components to it using a different wizard. Each component is added separately; there isnt any way to add them as a
As with any component, you have to register your COM+ components. In the past, you relied on the integrated development environment (IDE) to perform the task automatically, used RegSvr32 to perform the task manually, or included the registration as part of an installation program or other form of automation. When working with .NET applications, youll rely on the RegAsm utility as a replacement for the RegSvr32 utility. However, the result is the same as when using unmanaged componentsthe component is still registered in the registry.
In the world of COM+, you dont use any of these registration methods Windows registers the component for you as part of the process of adding components to a COM+ application. The act of installing a component registers it on a server that it hasnt been registered on before. Well see in this section that you still need to use the RegAsm utility to create a type library for the COM+ wizards to access.
Ive created a component for demonstration purposes in this chapter. You dont need to create the component or write any code. All the code for this section appears in the Chapter02\MyMath folder of the companion content. You can download the companion content from the Web at http:// www.microsoft.com/mspress/books/6426.asp . The purpose of this sample component is to help you learn how the two wizards work. Examples later in the book will show you how to create various types of components you can register using the procedures well discuss here.
The following sections show how to use the Component Services MMC snap-in to register and install the MyMath component (which includes the MathFunctions class). Youll also learn a little about COM+ security and how to export your application to install it on a client machine. The exported application acts as a proxy the client will call to access the component on the server.
The first thing we need to do is create a new application for our component. The following procedure shows you how to add a new application to Component Services. (This process is different than those youve used for other component types.)
Move the component to a
Type RegAsm MyMath.dll /tlb:MyMath.tlb at the command prompt in the folder used to hold the component, and then press Enter. This step does register the component, but youll find that the registration doesnt work as anticipated with COM+. What we need out of this step is the type library.
Type GacUtil -i MyMath.dll , and press Enter at the command prompt. This step registers the component globally so that the common language runtime can find it when needed. Now we need to register the component with COM+.
During the design and debugging phase of component construction, it pays to create batch (BAT) files that contain the registration and unregistration commands. I usually create one batch file for each purpose. Youll find examples of these two files in the \Chapter02\MyMath\bin\Debug folder of the source code.
Highlight the COM+ Applications entry, and then click the Action menu and then click Application in the New submenu. Youll see the Welcome To The COM+ Application Install Wizard dialog box.
Click Next. Youll see the Install Or Create A New Application page. The Install Pre-built Application(s) option is
Click the Create An Empty Application option. Youll see the Create Empty Application page as shown in Figure 2-4. This page contains a field that holds the
Figure 2-4: Use the COM+ Application Install Wizard to give your application a name and define the application type.
Type a name for the application. The example uses MyMathApp , but you can use any name you like.
Choose between the Server Application and Library Application options. The sample application uses the Server Application option because it allows more complete testing of the component and better protection during debugging.
Click Next. Youll see the Set Application Identity page as shown in Figure 2-5. This page helps you choose the identity used to run the component. Youll normally choose the Interactive User option because it allows you to test for role-based security using the identity of the person logged onto the server. The second option, This User, relies on the identity of a specific person. Its handy for situations when you know another server rather than a
Figure 2-5: Youll use the Set Application Identity page to determine the identity the application uses while running.
Choose the Interactive User option, and then click Next. The example will use the Interactive User option because it provides better application security. This setting will augment the role-based security that well talk about later. Youll see the final COM+ Application Wizard page.
Click Finish. The new application will appear in the list of applications in the COM+ Applications folder. Notice that Windows automatically creates a directory structure you can use for working with the component. Well use this directory structure in the steps that follow to fully configure the COM+ application for use.
The application weve just defined acts as a container for our component. In fact, you could place multiple components within this directory structurethe whole idea is to keep the various applications on the server separate, not
Open the MyMathApp application, and youll see a minimum of two folders: Components and Roles. (You must highlight the Components folder to add new components to the application.) The Components folder holds any components you want to install for the application. The Roles folder contains security roles you can later assign to the application, an individual component, or a method within the component.
Highlight the Components folder, and then use the click Component in the New subfolder of the Action menu to display the COM+ Component Install Wizard dialog box.
Click Next. Youll see the Import Or Install A Component page. The Install New Component(s) option helps you to install components youve placed on the server but havent registered. This is the option you should always use when working with .NET components to ensure you can see all the interfaces and methods they contain. The Import Component(s) That Are Already Registered option helps you to add components that have already been registered on the server. This is the option youll choose for updates (in which case, the GUID is exactly the same for the new component as it was for the old one) or when the component has been registered for some other reason. For example, you might be using your development machine as the test server. If you use this option with a .NET component, make sure the component contains the [Guid] attribute for the class to ensure the GUID remains the same from version to version. Generally, you should avoid this option when working with .NET components to ensure your application works as anticipated. Use the Install New Event Class(es) option to create event classes for subscription use. This particular component installation requires special programming that well discuss in Chapter 11.
Click Install New Component(s). Youll see the Select Files To Install page like the one shown in Figure 2-6. Although you can install components that reside on other machines, youll find that components work more reliably if you place the component on a local server hard drive. (As previously mentioned, youll probably want to place your custom components in a special place on the server to make them easier to find.) Notice that the folder for the sample component includes both the DLL and TLB files. Always select the TLB file because COM+ wont know what to do with the DLL file.
Figure 2-6: Windows will ask for the location of the component you want to install.
Find the component file you want to install. The example uses MyMath.TLB . Highlight the file, and then click Open to complete the selection process. Youll see the Install New Components page similar to the one shown in Figure 2-7. (You might need to check the Details option to get your dialog box to match the one shown in the figure.) Note that the figure shows what you should see when working with the sample component. The example contains both components and a type libraryyoull need both for COM+ applications. Clicking the Add button at this point would allow you to add another file to the list (along with any components the file contains). Our component is also shown as a COM+ component type, and the wizard has found interfaces within the component. (The wizard wont tell you which interfaces have been found at this pointwe can hope, it found the ones you wanted to expose.) You need to check all these items as part of the component setup.
Figure 2-7: Make sure you have all the required
Click Next. Youll see the final COM+ Component Install Wizard page.
Click Finish to complete the Install New Component(s) installation process. Youll see the new component added to the right pane of the Component Services window, as shown in Figure 2-8.
Figure 2-8: The Component Services window will contain the new components youve installed once you complete the COM+ Component Install Wizard.
At this point, the COM+ application and an associated component are installed within the Component Services snap-in. However, the component isnt completely operational yet because we havent installed any security for it. Yes, you can use the component at this pointthere isnt any magic about adding security to the COM+ application. However, adding security is essential for creating a COM+ application that works well.
Theoretically, we could get by without adding any security because the application is already protected by the standard Windows security. However, role-based security is one of the features of COM+ that makes life a lot easier for network administrators and developers alike. This is because you can refine the security measures used to protect a component, the interfaces it contains, and the methods required to perform the applications work. Unlike Windows security, where you have to use a one-
To add role-based security to the component, youll need to create at least one, and preferably two, roles. Well call the first role Administrator so that someone logged on as this role will be able to access all the methods within the MyMath component. The second role can be any other value, but for this example well use User. The User role will be able to access just the four math functions.
Highlight the Roles folder, and then click Role in the New submenu of the Action menu to display the Role dialog box.
Type a name for the role, and then click OK. For the example, well use Administrator for one role and User for the second.
Open the Administrators (or Users) folder, and then highlight the Users folder. Click User in the New submenu of the Action menu to display the Select Users Or Groups dialog box shown in Figure 2-9. This is where youll choose the users that can access components using the Administrator role.
Figure 2-9: The Select Users Or Groups dialog box allows you to choose which users or groups will perform the task specified by the role.
Click OK. The selected users or groups will get added to the Users folder for the appropriate role in the Component Services window.
Repeat steps 1 through 5 for the User role. However, in this case, use your own name, a test user name, or the Users group instead of the Administrators group for the Users folder. Figure 2-10 shows a security setup that would be typical for our scenario. Obviously, any production components you create will have a more complex security setup that allows users to access the components you create in specific roles.
Figure 2-10: Role-based security allows you to define the access a user gets to the methods within a component based on the role that user performs.
With this change in methodology in mind, lets see what youll need to do to add security to the MyMath component. First youll need to enable role- based security. This means making a change at the application level. Right-click the MyMathApp entry, and then choose Properties from the context menu. Youll see the MyMathApp Properties dialog box. Choose the Security tab of this dialog box, and youll see the security options shown in Figure 2-11. This is where you determine what kind of security an application will use.
Figure 2-11: You must set security at the application level before you can use role-based security.
You cant use role-based security with library applications. This feature is designed to work only with server applications. Unfortunately, Windows wont protect you from adding role-based security to a library application. This means you could make settings changes that cause an application to stop working for no apparent reason. In other words, this is one setting you should check when you have a malfunctioning library application.
There are actually two settings you need to look at. First make sure you check the Enforce Access Checks For This Application option. This setting enforces security at the component, interface, and method levels. Second make sure you allow access checks at both the process and component levels. You can do this by selecting the second option in the Security Level group shown in Figure 2-11. (The figure shows the Security Level properly configured.) You need to select this option if you plan to use role-based security within your components as well. Otherwise, your components will be limited to whatever security Windows provides at the application level.
Now that we have role-based security enabled at the application level, right-click the MyMath.MathFunctions component and choose Properties from the context menu. Youll see the MyMath.MathFunctions Properties dialog box.
As you can see, the MyMath.MathFunctions Properties dialog box helps you to configure a relatively wide range of component options, including whether the component supports transactions. There are also options for allowing the component to engage in object pooling (normally a good idea with database components) and concurrency. Click the Security tab, and youll see the Security tab of the MyMath.MathFunctions Properties dialog box, similar to the one shown in Figure 2-12. Notice that both the roles weve created are available for use with this component.
Figure 2-12: Windows will automatically display any roles youve created for a COM+ application at all application levels.
Remember that we have role-based security enabled, but as you can see in Figure 2-12,
Now, lets look at the effect of our decision at a lower level of the application. Right-click the
interface (located in the Interfaces folder for the application), and then choose Properties from the context menu. Click the Security tab, and youll see the _MathFunctions Properties dialog box. Notice that we still have two options to choose from with regard to role-based security, but that Administrator appears in the Roles Inherited By Selected Item(s) list box. This means you dont have a choice about the Administrator role
Right-click the DoAdd entry in the Methods folder, and choose Properties. Click the Security tab. Youll see the same list of inherited roles and defined roles as before. This time, select the User role and click OK. The User role now has access to the DoAdd() method. Perform the same task for the other three simple math entries: DoSubtract, DoMultiply, and DoDivide.
As with COM, COM+ applications require a proxy on the client machine. The client sees the proxy as the component. Of course, the proxy merely poses as the component and
Open Component Services on the server. Locate the MyMathApp application in the COM+ Applications folder.
Right click MyMathApp , and then choose Export from the context menu. Youll see the Welcome To The COM+ Application Export Wizard dialog box.
Click Next. Youll see the Application Export Information page shown in Figure 2-13. This is where youll choose the name and type of export application created. We need a proxy application, in this case, so that the installation routine will direct the MyMathApp requests to the server, not to the local machine.
Figure 2-13: Windows will allow you to export your COM+ applications in several formatsincluding as a proxy application.
Type a name for the application you want to create. (The example uses the name MyMathAppInstall.MSI , but you can use any name you want.)
Choose the Application Proxy option.
Click Next. Youll see the final COM Application Export Wizard page.
Click Finish. At this point, the application you need is created; all you need to do is install it.
Locate the MyMathAppInstall.msi file on the client machine. Youll need to install the proxy application on every machine that will use the component in the COM+ application.
Right-click MyMathAppInstall.msi , and then choose Install from the context menu. An installation dialog will appear for a few moments, and then go away. At this point, you have access to the server-side component through the proxy application. You could create a standard Visual Basic application and use the component without ever seeing the connection between the client and server.
If you open Component Services on the client machine at this point, youll see that theres a new application named MyMathApp . However, this application isnt the full-fledged application found on the serverits an application proxy. Open the MyMathApp Properties dialog box, and youll notice you cant change any of the application options. This application is designed to precisely replicate the server application.