This is a wildly broad question, so apologies in advance.
I developed a very traditional app architecture in Visual Studio 5-6.
The basic structure looked like this:
GUI >> MTS >> Database
The basic idea here was Users talk to the object, the object logs in to the
database as itself and does some work.
Perhaps I'm being overly dense, but I cannot seem to find a good writeup on
the preferred way to implement this in .Net. Can someone point me to a good
overview of how to implement something like this in .Net?
Here's a specific example I want to implement if you're interested...
A 3rd party app we use requires SQL Authentication. I'm sick of resettng
passwords.
I wrote a "clsPassword" object that has a "Reset" method, and I want to let
help desk people use it to reset passwords.
In SQL Server, you have to be an admin to reset a password.
clsPassword protects itself with certain business rules.
I want to implement clsPassword in the middle tier as an admin so that
non-admins can use its limited functionality.
In Visual Studio 6, this would be ultra-simple. I'd just toss my object
into COM+, configure it with an admin account, and go along my merry way.
At this point, I don't see a clear way to do this in .Net. Is this
something I'd need to implement a web service for?
Thanks, and sorry for the nooobish question.
4  1915 
you can still host your component in COM+ http://www.15seconds.com/issue/030501.htm
As an alternative, you can create a .Net app that runs in the context of
another user by using "impersonate=true" in the app config or web config and
simply providing the credentials in that spot (or encrypted in the
registry).
See http://support.microsoft.com/default...b;en-us;329290
--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster http://blogs.msdn.com/nickmalik
Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"Shawn Brock" <Sh********@discussions.microsoft.com> wrote in message
news:D9**********************************@microsof t.com... This is a wildly broad question, so apologies in advance.
I developed a very traditional app architecture in Visual Studio 5-6.
The basic structure looked like this:
GUI >> MTS >> Database
The basic idea here was Users talk to the object, the object logs in to
the database as itself and does some work.
Perhaps I'm being overly dense, but I cannot seem to find a good writeup
on the preferred way to implement this in .Net. Can someone point me to a
good overview of how to implement something like this in .Net?
Here's a specific example I want to implement if you're interested...
A 3rd party app we use requires SQL Authentication. I'm sick of resettng
passwords.
I wrote a "clsPassword" object that has a "Reset" method, and I want to
let help desk people use it to reset passwords.
In SQL Server, you have to be an admin to reset a password.
clsPassword protects itself with certain business rules.
I want to implement clsPassword in the middle tier as an admin so that
non-admins can use its limited functionality.
In Visual Studio 6, this would be ultra-simple. I'd just toss my object
into COM+, configure it with an admin account, and go along my merry way.
At this point, I don't see a clear way to do this in .Net. Is this
something I'd need to implement a web service for?
Thanks, and sorry for the nooobish question.
Thank you for the input.
Both of those appear to be viable options. Maybe I'm being too picky, but
they just don't feel "right".
In VS6, you configured a middle tier and could easily manage who had access
to the middle tier via an admin console (COM+).
COM InterOp is mainly for backward compatibility, right? As I move my
company forward, I feel like I should be using pure .Net and not relying on
old technologies.
The other option involves putting code directly into the object to indicate
its security and who can use it. While that will work, it feels like a
significant step backward from administering that security in a nice MMC
plug-in.
From your experience, how do the bulk of companies make this transition?
From what I've seen, a web service would kinda fill this gap. It appears
you'd just do your administration in IIS.
Thanks again for the initial reply. It gives me something with which to
work. I'd be interested to hear your thoughts on the questions I pose above.
Hi Shawn,
I embedded my comments into the text...
"Shawn Brock" <Sh********@discussions.microsoft.com> wrote in message
news:70**********************************@microsof t.com... Thank you for the input.
Both of those appear to be viable options. Maybe I'm being too picky, but
they just don't feel "right".
In VS6, you configured a middle tier and could easily manage who had
access to the middle tier via an admin console (COM+).
COM InterOp is mainly for backward compatibility, right? As I move my
company forward, I feel like I should be using pure .Net and not relying
on old technologies.
COM+ and COM Interop are two different things. That's why we've renamed
COM+ to Component Services. Microsoft has no intention of losing the
functionality of the Application Server. Certainly future versions of the
platform will have Component Services, with a console for managing
components, identities, etc. Think of it as a case of unfortunate naming.
(like naming a child John Wilkes Booth. You get what I mean?)
So you are not relying on an old technology to use Component Services to
manage your components written in .Net.
The other option involves putting code directly into the object to
indicate its security and who can use it. While that will work, it feels like a
significant step backward from administering that security in a nice MMC
plug-in.
The ability to declare the identity that a component can run under, without
resorting to the overhead of a transaction manager like Component Services,
is a huge win. We get a great deal of flexibility that our Unix friends
have had for a long time, and it is an important capability for managing the
access of data to resources. Just like a stored procedure can be run by
'Joe' and the stored procedure can insert a record, even though 'Joe' cannot
insert a record, it is important that we provide the ability, to individual
developers, to make little 'gateways' to system resources. The fact that
the identity is not in the code, but rather in its configuration, means that
the code itself is not directly managing its own security. This is also
important for the Windows platform to achieve the level of security that
customers demand.
Far from a step backwards, it is a necessary ability in a competitive world.
From your experience, how do the bulk of companies make this transition?
With a little learning. It takes time to take all of it in. Usually one or
two folks in any group will be the early adopters... the ones who embrace
without challenge. Everyone else needs convincing to some degree. You are
far from alone.
From what I've seen, a web service would kinda fill this gap. It appears
you'd just do your administration in IIS.
Actually, you can do you admin in IIS (using app pools) or in the config
files. Either way, web services do work for this. On the other hand,
adding a web service, for some applications, is the wrong architectural
choice. You have to add them at the right depth, and you have to make sure
that security is provided so access to your data is fully controlled. You
may also introduce performance implications unless you are careful. In
other words, Web services are a tool, not a silver bullet.
Thanks again for the initial reply. It gives me something with which to
work. I'd be interested to hear your thoughts on the questions I pose
above.
I hope this helps,
--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster http://blogs.msdn.com/nickmalik
Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
I really appreciate the thorough and thoughtful reply.
I've read it once, but feel I'm going to need to re-read all you've written
on this thread and dig in a little deeper.
I'm probably behaving a little too myopic. I know what I had, and I liked
it (well except regsvr32...). I'm trying to fit .Net perfectly into the
older DNA, and that's probably the wrong approach. The general design is
similar, but I need to be more open to my changing my middle tier
implementation.
Thanks again for the excellent input.
I'm going to move forward with the encrpyted configuration and see how my
first pass goes.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Howard Nease |
last post by:
Hello, everyone. I would appreciate any advice that someone could give me on
my future career path. Here is my situation:
I am a bright Junior in a very well-respected private high school, taking...
|
by: Manish Jain |
last post by:
Environment: Windows 2000 Server (SP4), ASP.Net/C# (Framework 1.1) Hardware:
PIII @ 700 MHz, 512 MB RAM
----------------------------------------------------------------------------...
|
by: Support |
last post by:
Hello:
I am trying to learn about Aactive Directory in VB.NET and NT security, so
if you have any good resources/references, please let me know.
At a high level ... in VB.NET
If I am a...
|
by: Shawn Brock |
last post by:
This is a wildly broad question, so apologies in advance.
I developed a very traditional app architecture in Visual Studio 5-6.
The basic structure looked like this:
GUI >> MTS >> Database
The...
|
by: Michal Taborsky |
last post by:
Hello.
We are currently facing a design issue, which I am a bit stuck with. We
are talking about row-level access regulation. I'll make it clear with
an example.
Let there be a table of...
|
by: JJ |
last post by:
I only want to catch 404 errors at the application level (the rest are will
be handled by the customerrors section of the web.config). How do I check
for the error code in the
Application_Error...
|
by: KUTTAN |
last post by:
I a using
System.Reflection
System.Runtime.InteropServices
System.Security.Permissions
In my web application
In this, Reflection need low thrust level to run
But I have hosted my site in ...
|
by: Cesar |
last post by:
Hello people. I'm having a Winform app that contains a webbrowser control
that keeps navigating from one page to another permanentrly to make some
tests. The problem I'm having is that after a...
|
by: sanjupommen |
last post by:
I am in the process of exploring the possibility of providing our products on databases other than Oracle.I am able to migrate the data, procedures etc without too much effort (latest version of DB2...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 2 August 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM)
The start time is equivalent to 19:00 (7PM) in Central...
|
by: erikbower65 |
last post by:
Using CodiumAI's pr-agent is simple and powerful. Follow these steps:
1. Install CodiumAI CLI: Ensure Node.js is installed, then run 'npm install -g codiumai' in the terminal.
2. Connect to...
|
by: linyimin |
last post by:
Spring Startup Analyzer generates an interactive Spring application startup report that lets you understand what contributes to the application startup time and helps to optimize it. Support for...
|
by: kcodez |
last post by:
As a H5 game development enthusiast, I recently wrote a very interesting little game - Toy Claw ((http://claw.kjeek.com/))。Here I will summarize and share the development experience here, and hope it...
|
by: Taofi |
last post by:
I try to insert a new record but the error message says the number of query names and destination fields are not the same
This are my field names
ID, Budgeted, Actual, Status and Differences
...
|
by: DJRhino1175 |
last post by:
When I run this code I get an error, its Run-time error# 424 Object required...This is my first attempt at doing something like this. I test the entire code and it worked until I added this -
If...
|
by: Rina0 |
last post by:
I am looking for a Python code to find the longest common subsequence of two strings. I found this blog post that describes the length of longest common subsequence problem and provides a solution in...
|
by: DJRhino |
last post by:
Private Sub CboDrawingID_BeforeUpdate(Cancel As Integer)
If = 310029923 Or 310030138 Or 310030152 Or 310030346 Or 310030348 Or _
310030356 Or 310030359 Or 310030362 Or...
|
by: Mushico |
last post by:
How to calculate date of retirement from date of birth
| |
