In this section, you’ll build a simple client component that will use the
SecureOcrServer component to test out the security features discussed previously. You’ll learn how to set the default security for all proxies instantiated within this client process. This default can be altered prior to making an activation or a normal function call; for example, you can use any user identity to activate an object or invoke a method. Furthermore, you can specify the authentication and impersonation levels for each activation or method call. Here’s a brief summary for the topics that you’ll learn in this section:
Setting the authentication identity using the
SEC_WINNT_AUTH_IDENTITY_W structure. This includes the user’s domain, name, password.
Setting the process-wide security for all proxies using CoInitializeSecurity.
Merging the proxy/stub code. You’ve done this before in Chapter 8, but you’ll learn another technique—manually using the CoRegisterPSClsid API function. This subsection has nothing to do with security, but it shows you how to internally register interface marshalers for an out-of-process EXE component.
Using activation security. This is security that is applied to activation API functions such as CoGetClassObject or CoCreateInstance[Ex].
Using call security. This is security that can be set for each method invocation using the IClientSecurity::SetBlanket method or its shorthand, the CoSetProxyBlanket API function.
Handling errors. You’ll also learn how to obtain ...