Component Level Security

We will now look at how we can apply security at the component level, and how you can link this with the security at the Windows 2000 Server level. Keep in mind that the extent and complexity of the security within Windows 2000 goes way beyond what we can discuss in this chapter. However, since COM+ is at the heart of BizTalk Server, it is important to understand the working of COM+ security and the way it ties in with the rest of the security. After installing BizTalk Server, there are four COM+ applications that we will be dealing with (Figure 8.14):

■ BizTalk Server Interchange Application

■ BizTalk Server Internal Utilities

■ XLANG Scheduler

■ XLANG Scheduler Persistence Helper

The XLANG Scheduler COM+ application is the default XLANG schedule engine that comes with BizTalk Server 2000. However, you can build your own scheduler engines, using the default as an example. When writing your own XLANG scheduler, or any other COM+ application for that matter, there are two types of security involved: programmatic and declarative. In the former, security is part of the component's code; in the latter, security is controlled from outside the component using the administration tool Component Services (Figure 8.14). In this section, we will only discuss declarative security. Remember, programmatic security is as much part of the COM+ Security Model as declarative security is. In fact, programmatic security extends the declarative security right into the component.

Figure 8.14 The MMC with Component Services Showing the Installed COM+ Applications


From the declarative perspective, you can control the following security aspects:

■ Access Determines which users can access the component, interfaces, or even methods within a COM+ application. Access is controlled through roles.

■ Activation Determines which users are allowed to start—the term launch is generally used—a COM+ application.

■ Authentication Determines to what extent the COM+ application should check the authenticity of users who activate a component or the data a component receives.

■ Identity Determines under whose security context a component is activated. Identity is comprised of two parts: the user account used to start the COM+ application, and the impersonation level, which determines to what extent a component can take over the identity (through the client's credentials) of the caller of the component. Impersonation can transcend the context of a server, and even the domain the server is in, in case the component is running on a different server. In that case, delegation can be used, where the client's security credentials are transferred to the other server. This only works if Kerberos V5 is operational.

■ Reference Tracking Determines if additional security checks have to be executed to prevent components from being released prematurely.

If you install a BizTalk COM+ application and do not configure the security at the COM+ application level, the machine-wide security settings are used.

Machine-Wide Security Settings for COM+

To access the machine-wide security settings for COM+ applications:

1. Open the Microsoft Management Console (MMC), adding the Component Services snap-in.

2. Expand Component Services.

3. Expand Computers.

4. Right-click on My Computer (or any other computer for which you want to change the settings), and select Properties.

5. The My Computer Properties dialog will appear (Figure 8.15) with the General tab showing.

Figure 8.15 The Default Properties Tab in the My Computer Properties Window

6. Select the Default Properties tab.

7. The tab starts with two check box options, of which Enable Distributed COM on this computer drives the rest of the options on this page. Distributed COM (DCOM) is the protocol used between components running on different computers. By default, this option is selected. The second check box relates to IIS using COM.

8. Select the first check box, since this is the only place where you can enable DCOM.

9. In the frame below, you can select the default DCOM communication properties Authentication and Impersonation. If the server on which your BizTalk application is running is not used for other purposes, it is best to select the authentication and impersonation level most appropriate for the server. Select Packet Privacy as the default authentication level. See Table 8.1 for an explanation of the other authentication levels. Packet Privacy is the highest authentication level, and it can be overruled by setting a different level on a COM+ application (see the section COM+ Application Security Settings). The reason for choosing it as the default is that, in case you forget to set the authentication level on the COM+ application, the application is still protected from rogue data submitted to a component.

10. Select Anonymous for the impersonation level—although this seems illogical, it is not. Anonymous means that the credentials of a user are not checked when a component is called, and that a component cannot use the identity of the caller and cannot call a component on a different server. See Table 8.2 for the explanation of the other impersonation levels.

11. The last option is the check box Provide additional security for reference tracking. As explained earlier, this option prevents components from being released too early. Do not use this option for the BizTalk server, since it does not bring added security to your BizTalk application.

Table 8.1 Authentication Levels

Authentication Level    Explanation
None                    No authentication takes place.
Connect                 Client authentication takes place only when a connect
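As an added example (not part of the chapter, and not BizTalk's or Microsoft's own code), the following PowerShell script audits the machine-wide DCOM defaults from steps 7 through 11 and the per-application settings of the four BizTalk COM+ applications, and reports where they deviate from the values recommended above. The chapter performs these steps in the Component Services MMC on Windows 2000; the script assumes a later Windows host with PowerShell and reads the same settings through the COM+ Admin catalog (the COMAdmin.COMAdminCatalog COM object and its LocalComputer and Applications collections, whose property names and numeric level codes are taken from the COM+ administration documentation rather than from this page).

```powershell
# Added example: audit machine-wide and per-application COM+ security settings
# against the recommendations in this section. Assumes PowerShell and the
# COM+ Admin catalog (COMAdmin.COMAdminCatalog) on the host being audited.

# Numeric codes used by the COM+ catalog for the levels of Tables 8.1 and 8.2.
$AuthLevels = @{ 0 = 'Default'; 1 = 'None'; 2 = 'Connect'; 3 = 'Call';
                 4 = 'Packet'; 5 = 'Packet Integrity'; 6 = 'Packet Privacy' }
$ImpLevels  = @{ 1 = 'Anonymous'; 2 = 'Identify'; 3 = 'Impersonate'; 4 = 'Delegate' }

# Machine-wide values recommended in steps 8 to 11: DCOM on, Packet Privacy,
# Anonymous impersonation, no additional reference tracking.
$Recommended = @{
    DCOMEnabled                = $true
    DefaultAuthenticationLevel = 6
    DefaultImpersonationLevel  = 1
    SecureReferencesEnabled    = $false
}

function Get-MachineWideComSecurity {
    # The LocalComputer collection holds the "My Computer" Default Properties.
    $catalog = New-Object -ComObject COMAdmin.COMAdminCatalog
    $local   = $catalog.GetCollection('LocalComputer')
    $local.Populate()
    $computer = $local.Item(0)
    [pscustomobject]@{
        DCOMEnabled                = [bool]$computer.Value('DCOMEnabled')
        DefaultAuthenticationLevel = [int]$computer.Value('DefaultAuthenticationLevel')
        DefaultImpersonationLevel  = [int]$computer.Value('DefaultImpersonationLevel')
        SecureReferencesEnabled    = [bool]$computer.Value('SecureReferencesEnabled')
    }
}

function Test-MachineWideComSecurity {
    param([Parameter(Mandatory)] $Settings)
    # Emit one finding per setting so the output can be filtered on Compliant.
    foreach ($key in $Recommended.Keys) {
        [pscustomobject]@{
            Setting     = $key
            Actual      = $Settings.$key
            Recommended = $Recommended[$key]
            Compliant   = ($Settings.$key -eq $Recommended[$key])
        }
    }
}

function Get-BizTalkComApplicationSecurity {
    # The four applications installed by BizTalk Server 2000 (Figure 8.14) all
    # start with "BizTalk Server" or "XLANG"; other applications are skipped.
    $catalog = New-Object -ComObject COMAdmin.COMAdminCatalog
    $apps    = $catalog.GetCollection('Applications')
    $apps.Populate()
    foreach ($app in $apps) {
        $name = [string]$app.Value('Name')
        if ($name -notmatch '^(BizTalk Server|XLANG)') { continue }
        $auth = [int]$app.Value('Authentication')
        [pscustomobject]@{
            Name               = $name
            Authentication     = $AuthLevels[$auth]
            # Authentication 0 means the application inherits the machine-wide
            # default, which is exactly the case step 9 guards against.
            UsesMachineDefault = ($auth -eq 0)
            ImpersonationLevel = $ImpLevels[[int]$app.Value('ImpersonationLevel')]
            AccessChecks       = [bool]$app.Value('ApplicationAccessChecksEnabled')
            Identity           = [string]$app.Value('Identity')
        }
    }
}

# Usage: run in an elevated PowerShell session on the BizTalk server.
$machine = Get-MachineWideComSecurity
Write-Host 'Machine-wide DCOM defaults:'
Test-MachineWideComSecurity -Settings $machine | Format-Table -AutoSize
Write-Host 'BizTalk COM+ applications:'
Get-BizTalkComApplicationSecurity | Format-Table -AutoSize
```

Any row with Compliant set to False is a machine-wide default that differs from the values chosen in steps 8 through 11, and any application with UsesMachineDefault set to True is one whose effective authentication level is whatever the machine-wide default happens to be, which is why the section recommends setting that default to Packet Privacy.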
