Page #89 (Client-Side Security Programming)



In this chapter, we looked at various security issues to be considered when using COM servers and COM clients. We learned the security basics of the Windows platform and looked at the security model provided by COM.

The COM security model provides many security settings that can be configured. Some security parameters are completely controlled by the client, some by the server, and the rest can be controlled either by the client or the server. COM+ negotiates the security blanket between the client and server.

The client dictates the impersonation level to be used during communication. We examined the implications of various levels of impersonation.

The security mechanism under COM can be subdivided into declarative security and programmatic security. Using declarative security, such as assigning user roles to an application, one can control access to a component without complex programming.

A finer control can be obtained by letting the server and the client programmatically define their individual security parameters.

Finally, we looked at programmatic aspects of security from the server s perspective as well as from the client s perspective.


COM+ Programming. A Practical Guide Using Visual C++ and ATL
COM+ Programming. A Practical Guide Using Visual C++ and ATL
ISBN: 130886742
Year: 2000
Pages: 129 © 2008-2017.
If you may any questions please contact us: