dcsimg
Login | Register   
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


Tip of the Day
Language: VB6,COM+
Expertise: Advanced
Dec 15, 2001

WEBINAR:

On-Demand

Application Security Testing: An Integral Part of DevOps


Setting authentication across different domains

COM doesn't have a built in security mechanism, but relies on Windows authentication services (Security Service Providers). When you access a resource or invoke a method in a remote DCOM server (or MTS package / COM+ Application), security checks cannot be performed in the standard way if the client is not running into the same domain (or the same workstation, but in this case there would be no remote communication) where the server is).

1) The server tries to see if there is a user that matches the client identity in the domain or workstation account database he belongs to.
2) If step one succeds then Windows check if this user password match the password of the client identity.

If both steps succeeded then the client is "indirectly" authenticated and then, form this point, all access control is performed using this "matching" user. Fallback autientication is not easy to maintain, since two accounts must be kept in synch, but in some situations this mechanism can be usefull, if not the only one available.

Enrico Sabbadin
 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date