programming4us
programming4us
SECURITY

Programming COM+ Security (part 3) - Compiling and Installing the COM+ Application

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
8/11/2012 5:18:52 PM

4. Compiling and Installing the COM+ Application

In the previous section, we applied .NET attributes to configure COM+ RBS and PAS for a serviced component. In this section, we compile our example component and show you how to install a COM+ application. Our first task is to create a code file containing the statements we introduced in the previous section; we have listed the complete C# and Visual Basic .NET definitions of the example component below, and we have saved these statements into a file called Tracker.cs (C#) (see Example 1) or Tracker.vb (Visual Basic .NET) (see Example 2):

Example 1. Tracker.cs (C#)
using System;
using System.EnterpriseServices;

// Specify the file containing the key for assembly signing
[assembly: System.Reflection.AssemblyKeyFile("mykey.key")]
// Specify that we want a COM+ Server application
[assembly: ApplicationActivation(ActivationOption.Server)]
// Specify our application level security settings
[assembly: ApplicationAccessControl(
    // Enable COM+ Security
    Value=true, 
    // Enable PAS and RBS 
    AccessChecksLevel=AccessChecksLevelOption.ApplicationComponent,
    // Use the computer default values for authentication and impersonation
    Authentication=AuthenticationOption.Default,
    ImpersonationLevel=ImpersonationLevelOption.Identify)]

// Define the Users role
[assembly: SecurityRole("User", 
    Description="Users of the Security Pro product", 
    SetEveryoneAccess=false)]
// Define the Tester role
[assembly: SecurityRole("Tester", 
    Description="Security Pro product testers", 
    SetEveryoneAccess=false)]
// Define the Developer role
[assembly: SecurityRole("Developer", 
    Description="Security Pro product developers", 
    SetEveryoneAccess=false)]
// Define the Manager role
[assembly: SecurityRole("Manager", 
    Description="Security Pro product managers", 
    SetEveryoneAccess=false)]

// Enable COM+ Security for this component
[ComponentAccessControl(true)]
[SecureMethod]
// Grant the Manager role access to the component
[SecurityRole("Manager")]
public class SecurityProTracker: ServicedComponent, IDefectTracker {

    public void ViewAllDefects(  ) {}

    public void CreateNewDefect(  ) {}

    public void CloseDefect(  ) {}
}

public interface IDefectTracker {

    [SecurityRole("User")]
    [SecurityRole("Tester")]
    [SecurityRole("Developer")]
    void ViewAllDefects(  );

    [SecurityRole("Tester")]
    void CreateNewDefect(  );

    [SecurityRole("Developer")]
    void CloseDefect(  );
}

					  

Example 2. Tracker.vb (VB.NET)
Imports System
Imports System.EnterpriseServices

' Specify the file containing the key for assembly signing
<Assembly: System.Reflection.AssemblyKeyFile("mykey.key")> 
' Specify that we want a COM+ Server application
<Assembly: ApplicationActivation(ActivationOption.Server)> 

' Specify our application level security settings
<Assembly: ApplicationAccessControl( _
    Value:=True, _
    AccessChecksLevel:=AccessChecksLevelOption.ApplicationComponent, _
    Authentication:=AuthenticationOption.Default, _
    ImpersonationLevel:=ImpersonationLevelOption.Identify)> 

' Define the Users role
<Assembly: SecurityRole("User", _
    Description:="Users of the Security Pro product", _
    SetEveryoneAccess:=False)> 
' Define the Tester role
<Assembly: SecurityRole("Tester", _
    Description:="Security Pro product testers", _
    SetEveryoneAccess:=False)> 
' Define the Developer role
<Assembly: SecurityRole("Developer", _
    Description:="Security Pro product developers", _
    SetEveryoneAccess:=False)> 
' Define the Manager role
<Assembly: SecurityRole("Manager", _
    Description:="Security Pro product managers", _
    SetEveryoneAccess:=False)> 

<ComponentAccessControl(True), _
SecureMethod(  ), _
SecurityRole("Manager")> _
Public Class SecurityProTracker
    Inherits ServicedComponent
    Implements IDefectTracker

    Public Sub ViewAllDefects(  ) Implements IDefectTracker.ViewAllDefects
    End Sub

    Public Sub CreateNewDefect(  ) Implements IDefectTracker.CreateNewDefect
    End Sub

    Public Sub CloseDefect(  ) Implements IDefectTracker.CloseDefect
    End Sub

End Class

Public Interface IDefectTracker

    <SecurityRole("User"), _
    SecurityRole("Tester"), _
    SecurityRole("Developer")> _
    Sub ViewAllDefects(  )

    <SecurityRole("Tester")> _
    Sub CreateNewDefect(  )

    <SecurityRole("Developer")> _
    Sub CloseDefect(  )

End Interface

					  

We need to create the cryptographic key file that we specified with the AssemblyKeyFile attribute. We will create a test key pair for our example using the Strong Name Tool (sn.exe);. We assume that your DOS path includes the tools provided with the .NET Framework SDK; consult the .NET documentation for instructions. The following statement creates the key file we specified:

sn -k mykey.key

The following statements show how to compile the code file to create SecurityProTracker.dll, which is a library assembly with a strong name:

# C#

csc /target:library /out:SecurityProTracker.dll DefectTracker.cs

# Visual Basic .NET

vbc /target:library /out:SecurityProTracker.dll /reference:System.EnterpriseServices.
dll DefectTracker.vb

					  

Now that we have created an assembly containing our component, we can use the .NET Services Installation tool (regsvcs.exe) to install the component on the local computer:

regsvcs SecurityProTracker.dll

The output from the .NET Services Installation tool is shown below:

Microsoft (R) .NET Framework Services Installation Utility Version 1.0.3705.288
Copyright (C) Microsoft Corporation 1998-2001.  All rights reserved.

Installed Assembly:
        Assembly: C:\SecurityProTracker.dll
        Application: SecurityProTracker
        TypeLib: c:SecurityProTracker.tlb

					  
Other  
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
REVIEW
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us
programming4us
 
 
programming4us