book

COM+ Programming with Visual Basic

by Jose Mojica

June 2001

Intermediate to advanced

368 pages

11h 3m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Who This Book Is For
What Is COM+?COMMicrosoft Transaction Server (MTS)COM+

Why Interface-Based Programming?
Using Polymorphism to Upgrade Classes
Life Without Interfaces
Interface Mappings In C++Interface Mappings in Visual Basic
IUnknownIDispatch
Client-Server Communication: A High-Level ViewBuilding an ActiveX DLLBuilding a Client
GUIDsProgIDsCoCreateInstance and CoCreateInstanceExType Libraries (Revisited)VB COM Creation FunctionsRegistry KeysDLL ExportsClass FactoryObservations About ActivationSummary
ActiveX EXEsRegistering and Unregistering an ActiveX EXEGetting the Class ObjectsServer Lifetime
ApartmentsThe Message FilterThreading Options for DLLsCross-Apartment CommunicationByVal and ByRef with Interface ParametersMarshalers and the Type Library MarshalerThread Pools in ActiveX EXEs
The Goal of COM Versioning
Scripting ClientsVtable-Bound Clients
Binary CompatibilityBreaking CompatibilityProject CompatibilityNo CompatibilityVersioning Wrap-up
Reverse-Engineering Type LibrariesDefining Elements in IDLLibrary sectionInterfacesCreating the Type LibraryUsing the Custom Type Library
Creating a COM+ ApplicationAdding ComponentsDeploying COM+ ApplicationsServer deploymentClient deployment
Creating a COM+ ApplicationAdding Components and Setting Their PropertiesExporting and Importing an Application
COM+ ArchitectureContextApartments (Revisited)ActivitiesActivity lock mechanismActivities and deadlocksSTA Thread PoolObjectContext and CallContextGetObjectContextConstructor String
Option 1: Use the VB DebuggerOption 2: Use the VC DebuggerOption 3: Use Trace MessagesNot a Debug Option: MsgBoxSummary
What Is a Transaction?Players in a TransactionTypes of LocksIsolationRead uncommittedRead committedRepeatable readSerializableDistributed Versus Local TransactionsLocal transactionsDistributed transactions
Transaction StreamsJITAVoting on a TransactionMethods for backward compatibilityCoding guidelinesFrom the client sideStateless componentsTransaction programming scenariosBYOTCompensating Resource ManagersThe problemThe solutionRecovery phase
Security TerminologyLogon Sessions
Authentication LevelImpersonation LevelIdentity Tracking
CoInitializeSecurityCoSetProxyBlanketUsing Registry KeysServer-Side Authentication LevelServer-Side Impersonation LevelCOM+ Application TokensKeeping others from modifying settingsWho Can Use Your ApplicationRole-based securityTurning on securityLaunching access and creation accessMethod accessProgrammatic SecurityIsCallerInRole, IsSecurityEnabled, and IsUserInRoleSecurityCallContext collections
Web Application OverviewApplication protectionWeb Client AuthenticationAnonymous accessBasic authentication and Digest authenticationIntegrated Windows authentication
The .NET ArchitectureILAssembliesThe Common Type SystemWhy .NET and Not COM+ 2.0?
Versioning Assemblies
InheritanceMethod OverloadingValue Versus Reference TypeDelegatesConstructors and FinalizersException Handlers
Using VB.NET Components with VB 6Using VB.NET for versioning VB 6 componentsUsing VB 6 Components with VB.NET

Content preview from COM+ Programming with Visual Basic

Chapter 10. COM+ Security

Everyone thinks security is necessary, but no one really wants to implement it. Developers often view security in the same light as setup programs—as a necessary evil that is put off until everything else is done. This chapter will make the transition to security easier. First, you will learn some of the terms related to security. Then you will learn how to use the COM+ features for security. The last part of the chapter discusses web-based security with IIS.

Security Terminology

Before you can understand how COM+ security works, you must understand some security terms.

Windows NT and Windows 2000 are secure operating systems. In a secure operating system, resources such as files, printers, programs, and so on can be protected against unwanted access. Secure operating systems are also able to log each access attempt against one of the resources. To gain access to a resource, a principal -- that is, a person or a computer attempting to access the resource—must be authenticated. The purpose of authentication is to prove to the operating system that the principal attempting to gain access to the resource is in fact who it claims to be. Principals prove their identity by presenting a set of credentials. The software that checks the credentials and certifies that the principal is in fact who it claims to be is known as the authority. The authority is a service in Windows NT or Windows 2000 that runs under LSASS.EXE.

Windows NT and Windows 2000 enable companies ...