|
|
|
|
COM doesn't have a built in security mechanism, but relies on Windows authentication services (Security Service Providers). When you access a resource or invoke a method in a remote DCOM server (or MTS package / COM+ Application), security checks cannot be performed in the standard way if the client is not running into the same domain (or the same workstation, but in this case there would be no remote communication) where the server is).
1) The server tries to see if there is a user that matches the client identity in the domain or workstation account database he belongs to.
2) If step one succeds then Windows check if this user password match the password of the client identity.
If both steps succeeded then the client is "indirectly" authenticated and then, form this point, all access control is performed using this "matching" user. Fallback autientication is not easy to maintain, since two accounts must be kept in synch, but in some situations this mechanism can be usefull, if not the only one available. |
|
|
|
|
|
|
Submitted By :
Nayan Patel
(Member Since : 5/26/2004 12:23:06 PM)
|
 |
|
|
Job Description :
He is the moderator of this site and currently working as an independent consultant. He works with VB.net/ASP.net, SQL Server and other MS technologies. He is MCSD.net, MCDBA and MCSE. In his free time he likes to watch funny movies and doing oil painting. |
|
View all (893) submissions by this author
(Birth Date : 7/14/1981 ) |
|
|