COM+ is a set of component services that assist programmers in building scalable and robust enterprise applications. COM+ services include support for managing distributed transactions and controlling the life cycle of software components. In this chapter, we discuss the COM+ security services and explain how you can apply them to your COM+ components.
We assume that you have some experience using COM+, and are familiar with the basic design and implementation of its component services. Aside from a brief definition of the terms we use, we explain those aspects of COM+ that relate to security only. For more information, see COM and .NET Component Services by Juval Löwy (O’Reilly) as well as the .NET SDK.
A .NET class that uses COM+ services is called a serviced component or a configured class. A COM+ application consists of one or more serviced components, which are administered together; there is no requirement for the components within a COM+ application to interoperate, although typically a COM+ application comprises components that offer related functionality.
A serviced component makes functionality available to a client application by implementing one or more interfaces. The client application creates a new instance of the component class and consumes the functionality exposed by invoking the component members. The use of COM+ is not visible to the client, which uses a serviced component in the same way as any other .NET class. ...