COM+ provides full support for role-based security. Roles can be added to a COM+ application that contain a list of authorized users or groups. The code within a COM+ application can then check to see if the calling user belongs to a specific role and act accordingly. This allows for method-call-level security against unauthorized use.
To see this in action, first you need to make sure that your COM+ application authenticates method calls. By default, this authentication is turned on, so you should only need to modify these settings if you previously turned them off.
Within your application, you can check to see if the calling client belongs to a specific role with the following line of code:
Before checking to see if a caller belongs to a certain role, you should make sure that security checking is enabled for the application:
if (SecurityCallContext.CurrentCall.IsSecurityEnabled) ...
If security checking is not enabled, the IsCallerInRole method won't do you any good. Also keep in mind that these roles are roles defined using the Component Services control panelthey are not Windows security groups, although you can include a Windows security group in a COM+ role.