Programming COM+ Security (part 3) - Compiling and Installing the COM+ Application

4. Compiling and Installing the COM+ Application

In the previous section, we applied .NET attributes to configure COM+ RBS and PAS for a serviced component. In this section, we compile our example component and show you how to install a COM+ application. Our first task is to create a code file containing the statements we introduced in the previous section; we have listed the complete C# and Visual Basic .NET definitions of the example component below, and we have saved these statements into a file called Tracker.cs (C#) (see Example 1) or Tracker.vb (Visual Basic .NET) (see Example 2):

Example 1. Tracker.cs (C#)

using System; using System.EnterpriseServices; // Specify the file containing the key for assembly signing [assembly: System.Reflection.AssemblyKeyFile("mykey.key")] // Specify that we want a COM+ Server application [assembly: ApplicationActivation(ActivationOption.Server)] // Specify our application level security settings [assembly: ApplicationAccessControl( // Enable COM+ Security Value=true, // Enable PAS and RBS AccessChecksLevel=AccessChecksLevelOption.ApplicationComponent, // Use the computer default values for authentication and impersonation Authentication=AuthenticationOption.Default, ImpersonationLevel=ImpersonationLevelOption.Identify)] // Define the Users role [assembly: SecurityRole("User", Description="Users of the Security Pro product", SetEveryoneAccess=false)] // Define the Tester role [assembly: SecurityRole("Tester", Description="Security Pro product testers", SetEveryoneAccess=false)] // Define the Developer role [assembly: SecurityRole("Developer", Description="Security Pro product developers", SetEveryoneAccess=false)] // Define the Manager role [assembly: SecurityRole("Manager", Description="Security Pro product managers", SetEveryoneAccess=false)] // Enable COM+ Security for this component [ComponentAccessControl(true)] [SecureMethod] // Grant the Manager role access to the component [SecurityRole("Manager")] public class SecurityProTracker: ServicedComponent, IDefectTracker { public void ViewAllDefects( ) {} public void CreateNewDefect( ) {} public void CloseDefect( ) {} } public interface IDefectTracker { [SecurityRole("User")] [SecurityRole("Tester")] [SecurityRole("Developer")] void ViewAllDefects( ); [SecurityRole("Tester")] void CreateNewDefect( ); [SecurityRole("Developer")] void CloseDefect( ); }

Example 2. Tracker.vb (VB.NET)

Imports System Imports System.EnterpriseServices ' Specify the file containing the key for assembly signing <Assembly: System.Reflection.AssemblyKeyFile("mykey.key")> ' Specify that we want a COM+ Server application <Assembly: ApplicationActivation(ActivationOption.Server)> ' Specify our application level security settings <Assembly: ApplicationAccessControl( _ Value:=True, _ AccessChecksLevel:=AccessChecksLevelOption.ApplicationComponent, _ Authentication:=AuthenticationOption.Default, _ ImpersonationLevel:=ImpersonationLevelOption.Identify)> ' Define the Users role <Assembly: SecurityRole("User", _ Description:="Users of the Security Pro product", _ SetEveryoneAccess:=False)> ' Define the Tester role <Assembly: SecurityRole("Tester", _ Description:="Security Pro product testers", _ SetEveryoneAccess:=False)> ' Define the Developer role <Assembly: SecurityRole("Developer", _ Description:="Security Pro product developers", _ SetEveryoneAccess:=False)> ' Define the Manager role <Assembly: SecurityRole("Manager", _ Description:="Security Pro product managers", _ SetEveryoneAccess:=False)> <ComponentAccessControl(True), _ SecureMethod( ), _ SecurityRole("Manager")> _ Public Class SecurityProTracker Inherits ServicedComponent Implements IDefectTracker Public Sub ViewAllDefects( ) Implements IDefectTracker.ViewAllDefects End Sub Public Sub CreateNewDefect( ) Implements IDefectTracker.CreateNewDefect End Sub Public Sub CloseDefect( ) Implements IDefectTracker.CloseDefect End Sub End Class Public Interface IDefectTracker <SecurityRole("User"), _ SecurityRole("Tester"), _ SecurityRole("Developer")> _ Sub ViewAllDefects( ) <SecurityRole("Tester")> _ Sub CreateNewDefect( ) <SecurityRole("Developer")> _ Sub CloseDefect( ) End Interface

We need to create the cryptographic key file that we specified with the AssemblyKeyFile attribute. We will create a test key pair for our example using the Strong Name Tool (sn.exe);. We assume that your DOS path includes the tools provided with the .NET Framework SDK; consult the .NET documentation for instructions. The following statement creates the key file we specified:

sn -k mykey.key

The following statements show how to compile the code file to create SecurityProTracker.dll, which is a library assembly with a strong name:

# C#

csc /target:library /out:SecurityProTracker.dll DefectTracker.cs

# Visual Basic .NET

vbc /target:library /out:SecurityProTracker.dll /reference:System.EnterpriseServices.
dll DefectTracker.vb

					  

Now that we have created an assembly containing our component, we can use the .NET Services Installation tool (regsvcs.exe) to install the component on the local computer:

regsvcs SecurityProTracker.dll

The output from the .NET Services Installation tool is shown below:

Microsoft (R) .NET Framework Services Installation Utility Version 1.0.3705.288
Copyright (C) Microsoft Corporation 1998-2001.  All rights reserved.

Installed Assembly:
        Assembly: C:\SecurityProTracker.dll
        Application: SecurityProTracker
        TypeLib: c:SecurityProTracker.tlb