Questions on COM security 
Author Message
 Questions on COM security

A client application calls CoCreateInstanceEx() and passes
NULL in the COAUTHINFO field of the COSERVERINFO structure
to create an instance on a remote machine.
This means default authentication is used.  Is the
authentication level used that that is set on the client
or the server.  In others words if you wanted to change
the default authentication to 'Packet Privacy' would you
have to change this on all client machines using
dcomcnfg.exe or just on the server machine where the
server is running.

I know I can override this programmtically but ust would
like to understand how the default mechanism works.

Thanks
Steve



Sat, 26 Feb 2005 17:53:33 GMT  
 Questions on COM security
Authentication level is negotiated between the client and the server -
see "Security Blanket Negotiation" at

http://msdn.microsoft.com/library/en-us/com/security_2wtq.asp

COM picks the highest level of the two. Thus the server can force higher
level with CoInitializeSecurity.
--
With best wishes,
    Igor Tandetnik

"For every complex problem, there is a solution that is simple, neat,
and wrong." H.L. Mencken


Quote:
> A client application calls CoCreateInstanceEx() and passes
> NULL in the COAUTHINFO field of the COSERVERINFO structure
> to create an instance on a remote machine.
> This means default authentication is used.  Is the
> authentication level used that that is set on the client
> or the server.  In others words if you wanted to change
> the default authentication to 'Packet Privacy' would you
> have to change this on all client machines using
> dcomcnfg.exe or just on the server machine where the
> server is running.

> I know I can override this programmtically but ust would
> like to understand how the default mechanism works.

> Thanks
> Steve



Sat, 26 Feb 2005 22:57:43 GMT  
 
 [ 2 post ] 

 Relevant Pages 

1. ATL COM security question

2. COM Security Question

3. security in COM

4. Help: How to set COM/DCOM security?

5. COM Security Issue (80070005) ?

6. COM security problem

7. COM Security problem

8. COM Security

9. COM security problem

10. ATL/COM security

11. COM ripoff security...

12. com.ms.security.SecurityExceptionEx

 

 
Powered by phpBB® Forum Software