COM+ Events and Security
The fact that the publisher does not call methods on the subscribers directly is an important software engineering capability. Nevertheless, you should never decouple your components at the expense of security. COM+ must still allow the system administrators to configure the access rights to subscribers. COM+ events take advantage of the rich security infrastructure offered by COM+, and COM+ also provides you with event system-specific security settings.
The Event Class and Role-Based Security
Like other configured components, an event class can use role-based security. The most common use of use role-based security for event classes is to control which publisher is allowed to fire events.
However, since roles in COM+ are per application, be sure to add roles and users for each product to the event class application if you intend to share event classes between a few applications and products.
You can use role-based security in another way: to implement a
publisher-side filter that calls
ISecurityCallContext::IsCallerInRole( )
(discussed in Chapter 7) and controls the order of publishing based on
the publisher’s role.
Subscribers and Role-Based Security
The subscriber can use role-based security to control access to its services. Unlike an event class usage of role-based security (which affects the publishing side and therefore all the subscribers), when a subscriber uses role-based security, only that subscriber is affected by the access checks. If all ...
Get COM & .NET Component Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
