SECURITY

Programming COM+ Security (part 1) - Creating the Serviced Component, Specifying the COM+ Application Type

8/11/2012 5:15:15 PM
In this section, we explain how to configure COM+ security with .NET attributes; we do this by creating and deploying an example serviced component. We demonstrate how to use COM+ RBS and PAS to control access to a simple component that tracks software defects for an imaginary software product called SecurityPro

We begin by defining the IDefectTracker interface, which contains the three methods we use to simulate defect tracking. We briefly describe the purpose of each interface method in the list below. We are developing this component to demonstrate COM+ security, so we do not define types to represent defects, or specify method arguments:


ViewAllDefects

Returns all of the pending defects for the product


CreateNewDefect

Creates a new record representing a pending defect


CloseDefect

Closes a defect and removes it from the pending list

The following statements define our simple IDefectTracker interface:

# C#

using System;

public interface IDefectTracker {

    void ViewAllDefects(  );

    void CreateNewDefect(  );

    void CloseDefect(  );
}

# Visual Basic .NET

Imports System

Public Interface IDefectTracker

    Sub ViewAllDefects(  )

    Sub CreateNewDefect(  )

    Sub CloseDefect(  )

End Interface

In the following sections, we create a serviced component that implements the IDefectTracker interface, and apply .NET attributes to configure COM+ RBS and PAS.

1. Creating the Serviced Component

A serviced component must inherit from the System.EnterpriseServices.ServicedComponent class and must be a member of a strong-named assembly. The following statements list the SecurityProTracker class, which extends ServicedComponent and implements the IDefectTracker interface.

# C#

using System;
using System.EnterpriseServices;

// Specify the file containing the key for assembly signing
						[assembly: System.Reflection.AssemblyKeyFile("mykey.key")]

public class SecurityProTracker: ServicedComponent, IDefectTracker {

    public void ViewAllDefects(  ) {}

    public void CreateNewDefect(  ) {}

    public void CloseDefect(  ) {}
}

# Visual Basic .NET

Imports System
Imports System.EnterpriseServices

' Specify the file containing the key for assembly signing
						<Assembly: System.Reflection.AssemblyKeyFile("mykey.key")>

Public Class SecurityProTracker
    Inherits ServicedComponent
    Implements IDefectTracker

    Public Sub ViewAllDefects(  ) Implements IDefectTracker.ViewAllDefects
    End Sub

    Public Sub CreateNewDefect(  ) Implements IDefectTracker.CreateNewDefect
    End Sub

    Public Sub CloseDefect(  ) Implements IDefectTracker.CloseDefect
    End Sub

End Class

2. Specifying the COM+ Application Type

The System.EnterpriseServices.ApplicationActivation class is the first COM+ attribute we apply, allowing us to specify whether we want a COM+ server or library application. This attribute accepts a single parameter, which must be a value from the System.EnterpriseServices.ActivationOption enumeration, the values of which are detailed in Table 1. Application proxies are created with the Component Services tool; consult the Windows documentation for details.

Table 1. The enumeration values
Value Description
Library Specifies that serviced components are activated in the client application process
Server Specifies that serviced components are activated in a process provided by COM+

The emphasized statements in the code fragment below demonstrate the use of the ApplicationActivation attribute to specify a COM+ server application for our example component:

# C#

using System;
using System.EnterpriseServices;

// Specify the file containing the key for assembly signing
[assembly: System.Reflection.AssemblyKeyFile("mykey.key")]
// Specify that we want a COM+ Server application
						[assembly: ApplicationActivation(ActivationOption.Server)]

public class SecurityProTracker: ServicedComponent, IDefectTracker {

# Visual Basic .NET

Imports System
Imports System.EnterpriseServices

' Specify the file containing the key for assembly signing
<Assembly: System.Reflection.AssemblyKeyFile("mykey.key")> 
' Specify that we want a COM+ Server application
						<Assembly: ApplicationActivation(ActivationOption.Server)> 

Public Class SecurityProTracker
    Inherits ServicedComponent
    Implements IDefectTracker
Other  
  •  COM+ Security : COM+ Security Explained
    •
  •  Password Hacks (Part 3) - Alternatives to passwords
    •
  •  Password Hacks (Part 2) - Criminal activity
    •
  •  Password Hacks (Part 1) - Stop Thieves Taking Data And Protect Yourself
    •
  •  Programming .NET Security : Using the Code-Access Security Policy Tool (part 2) - Evaluating Security Policy
    •
  •  Programming .NET Security : Using the Code-Access Security Policy Tool (part 1) - Administering Policy Levels
    •
  •  Programming .NET Security : Extending the .NET Framework (part 2) - Using the AuthorMembershipCondition Membership Condition
    •
  •  Programming .NET Security : Extending the .NET Framework (part 1) - Defining the AuthorMembershipCondition Class
    •
  •  The Keychain
    •
  •  Sharepoint 2010 : The SharePoint Security Object Model (part 2) - Elevating Security
    •
  •  Sharepoint 2010 : The SharePoint Security Object Model (part 1)
    •
  •  Talking Up Security At Iswec 2012 (Part 2)
    •
  •  Talking Up Security At Iswec 2012 (Part 1)
    •
  •  Keeping Safe Yourdevices And Data From Anywhere
    •
  •  E-Set On Security
    •
  •  Attack Of The Killer Wifi
    •
  •  Programming Security Policy (part 4) - Programming Application Domain Policy
    •
  •  Programming Security Policy (part 3) - Programming the Security Manager
    •
  •  Programming Security Policy (part 2) - Programming Policy Levels
    •
  •  Programming Security Policy (part 1) - Programming Code Groups
    •
     
    Most View
    Windows Server 2008 : Domain Name System and IPv6 - Secure DNS with DNSSEC
    Programming the iPhone : Standard Control Types (part 4) - Tables and Pickers
    Windows 8 : Advanced Features (Part 2)
    Business Apps for Android & Windows Phone & iOS
    Phone Business: The Age Of Convergence
    How To Plan Every Element Of A Successful Studio Shoot
    Windows Tips & Tricks (August 2012) – Part 2 - Manage Your Google Docs Offline with gExplore
    Synology 4-Bay NAS: Three Models Review (Part 3)
    Create The Ultimate Tracking Device (Part 2)
    AWE News Feed – April 2013
    Top 10
    Windows Phone 8 In-Depth Review (Part 6)
    Windows Phone 8 In-Depth Review (Part 5)
    Windows Phone 8 In-Depth Review (Part 4)
    Windows Phone 8 In-Depth Review (Part 3)
    Windows Phone 8 In-Depth Review (Part 2)
    Windows Phone 8 In-Depth Review (Part 1)
    Xiaomi Phone 2 - High-End Specifications In A Surprisingly Cheap Package (Part 5)
    Xiaomi Phone 2 - High-End Specifications In A Surprisingly Cheap Package (Part 4)
    Xiaomi Phone 2 - High-End Specifications In A Surprisingly Cheap Package (Part 3)
    Xiaomi Phone 2 - High-End Specifications In A Surprisingly Cheap Package (Part 2)