Atlanta Custom Software Development 

 
   Search        Code/Page
 

User Login
Email

Password

 

Forgot the Password?
Services
» Web Development
» Maintenance
» Data Integration/BI
» Information Management
Programming
  Database
Automation
OS/Networking
Graphics
Links
Tools
» Regular Expr Tester
» Free Tools

The best setting for the RunAs option in a server package

Total Hit ( 1790)

Rate this article:     Poor     Excellent 

 Submit Your Question/Comment about this article

Rating


 


When you deploy COM objects in DLLs no security issues arise since DLLs run in the process of the caller. On the contrary, when you deploy your COM objects into an .EXE, you have to deal with such issues.

- (D)COM needs to know under what security principal (read identity) the process, where your COM objects lives in, has to be associated with.
- (D)COM wants to know other details as well, like who has the rights to launch and to access the COM objects and what's the lowest level of security your COM objects must accept when it negotiates a connection from a caller.

These options can be set at run-time (but you have to deal with DCOM APIs) or can be configured at deployment time using the DCOMCNFG utility. If there are no security settings defined for your Component then (D)COM uses default access permission. The settings you have available in (D)COM for the Run as setting are:

- As interactive user: The process run under the identity of the user currently logged in the system. This settings is OK only during the development phase. If noone is logged in the system the object creation will fail.
- As the launching User: The process run under the identity of the caller process. This is not an advisable setting to set up a manageable security policy.
- As This User: In this case you have to specify a local or domain user. This is the best setting to go under a production environment.

If what is described above is clear, there is just one more thing to know when you come to MTS: Each MTS server package is a separate surrogate process where your DLLs run in. If you decide to deploy your dlls into an MTS Server package you have to remember that every access to the COM objects implemented in such dlls will have to deal with (D)COM security if the caller is outside the same MTS package


Submitted By : Nayan Patel  (Member Since : 5/26/2004 12:23:06 PM)

Job Description : He is the moderator of this site and currently working as an independent consultant. He works with VB.net/ASP.net, SQL Server and other MS technologies. He is MCSD.net, MCDBA and MCSE. In his free time he likes to watch funny movies and doing oil painting.
View all (893) submissions by this author  (Birth Date : 7/14/1981 )


Home   |  Comment   |  Contact Us   |  Privacy Policy   |  Terms & Conditions   |  BlogsZappySys

© 2008 BinaryWorld LLC. All rights reserved.