Server-Side COM Security

In this section, you’ll learn how to deal with COM security on the server side. You’ll start by creating an application to which you’ll add additional security features throughout this chapter.

Creating the Project and a COM Object

Let’s begin by developing a brand new server component:

  1. Use the ATL COM AppWizard to create an Executable (EXE) component and name it SecureOcrServer.

  2. Add a Simple Object to this new component using the ATL Object Wizard.

  3. Name this COM object SecureOcrProcessor.

  4. On the Attributes page of the ATL Object Wizard Properties dialog, check Support ISupportErrorInfo. You do this so that you can later return customized error descriptions to the client. We’ll illustrate a way to return your own messages to the client to describe a problem that exists on the server. This is valuable in deployed systems, and very valuable for debugging.

  5. Add a method called SecureOcrImage to the ISecureOcrProcessor interface. To keep it simple, we will not add any parameters to this method, since all we’re interested in is security handling.

Implementing the SecureOcrImage Method

Now that you have a component and a simple COM object, here’s the plan. A client application will invoke the SecureOcrImage function that you’ve just added. Within this method, the server component will obtain the security context of the invocation and will validate the call. If you can validate the call, you will impersonate the client and perform work in place ...
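
The plan above (obtain the call's security context, validate it, impersonate the client, then revert), as an added example that is not code from the book. `ValidateCallBlanket`, `ValidateAndImpersonateCaller` and the minimum-level policy are assumptions; the non-Windows stand-in constants exist only so the policy check compiles and can be tested off Windows.

```cpp
#include <string>
#ifdef _WIN32
#include <windows.h>
#include <objbase.h>
#else
// Constructed stand-ins (Windows SDK values) so the policy check builds off Windows.
typedef unsigned long DWORD;
typedef long HRESULT;
#define S_OK ((HRESULT)0L)
#define E_ACCESSDENIED ((HRESULT)0x80070005L)
#define RPC_C_AUTHN_NONE 0
#define RPC_C_AUTHN_LEVEL_PKT_INTEGRITY 5
#endif

// Hypothetical policy (an assumption, not the book's): refuse unauthenticated
// calls, calls below packet integrity, and callers without a principal name.
HRESULT ValidateCallBlanket(DWORD authnSvc, DWORD authnLevel,
                            const std::wstring& principal) {
    if (authnSvc == RPC_C_AUTHN_NONE) return E_ACCESSDENIED;
    if (authnLevel < RPC_C_AUTHN_LEVEL_PKT_INTEGRITY) return E_ACCESSDENIED;
    if (principal.empty()) return E_ACCESSDENIED;
    return S_OK;
}

#ifdef _WIN32
// Hypothetical helper that a method such as SecureOcrImage could call.
HRESULT ValidateAndImpersonateCaller() {
    DWORD authnSvc = 0, authnLevel = 0;
    RPC_AUTHZ_HANDLE privs = nullptr;  // NTLM/Kerberos: caller name, owned by COM
    HRESULT hr = CoQueryClientBlanket(&authnSvc, nullptr, nullptr, &authnLevel,
                                      nullptr, &privs, nullptr);
    if (FAILED(hr)) return hr;
    std::wstring principal = privs ? static_cast<const wchar_t*>(privs) : L"";
    hr = ValidateCallBlanket(authnSvc, authnLevel, principal);
    if (FAILED(hr)) return hr;
    hr = CoImpersonateClient();
    if (FAILED(hr)) return hr;  // never fall through and work as the server identity
    // ... work done here runs under the caller's token ...
    return CoRevertToSelf();    // always drop the impersonation before returning
}
#endif

int main() {
    // Constructed input: NTLM (10), packet privacy (6), a named caller.
    return ValidateCallBlanket(10, 6, L"DOMAIN\\alice") == S_OK ? 0 : 1;
}
```
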
