Summary
Enterprise Services (COM+) security relies on Windows security to authenticate and authorize callers . Authorization is configured and controlled with COM+ roles that contain Windows group or user accounts. The majority of threats that relate to Enterprise Services applications and serviced components can be addressed with solid coding techniques, and appropriate catalog configuration.
The developer should use declarative attributes to set the serviced component security configuration. These attributes determine how the application is configured when it is initially registered with Enterprise Services (typically using Regsvcs.exe).
Not every security configuration setting can be set with attributes. An administrator must specify the run-as identity for a server application. The administrator must also populate roles with Windows group or user accounts at deployment time.
When you are developing serviced components or are evaluating the security of your Enterprise Security solution, use "Checklist: Securing Enterprise Services" in the "Checklists" section of this guide.
EAN: 2147483647
Pages: 613
- Chapter I e-Search: A Conceptual Framework of Online Consumer Behavior
- Chapter V Consumer Complaint Behavior in the Online Environment
- Chapter VII Objective and Perceived Complexity and Their Impacts on Internet Communication
- Chapter X Converting Browsers to Buyers: Key Considerations in Designing Business-to-Consumer Web Sites
- Chapter XVIII Web Systems Design, Litigation, and Online Consumer Behavior
- MPLS Operation
- Overview of Inter-Provider VPNs
- Command Reference
- Modular QoS CLI: Configuration of QoS on Cisco Routers
- Case Study 2: Implementing Multi-VRF CE, VRF Selection Using Source IP Address, VRF Selection Using Policy-Based Routing, NAT and HSRP Support in MPLS VPN, and Multicast VPN Support over Multi-VRF CE