What are the security extension features MTS adds to standard DCOM?
The MTS security model is based on Roles. A Role is an entity under which you gather a number of NT users that are logically equivalent with respect to the security requirements of your component. This means the MTS security model assumes that the original caller's identity is available when the call hits the package boundary. In a distributed environment this model seems to clash with the way COM passes identity principals across processes and hosts. Suppose Alice on host A calls a COM object on host B running as BOB. BOB authenticates Alice, enters a new thread and calls CoImpersonateClient, so that thread runs under Alice's identity token. Now within this thread there is an outgoing call to a COM object running as Charlie on host C. Since COM knows that NTLM (the Windows NT 4.0 built-in authentication protocol) doesn't support cross-host delegation, it calls into Charlie using the process token, not the thread token. The MTS role-based security model seems then to turn completel
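The two-hop call above, as an added Python model (not MTS or COM code, and not from the original answer): hosts, process and thread tokens, and an MTS-style role check are simulated, and the `DELEGATING-PROTOCOL` entry is a constructed placeholder used only to contrast with the NTLM case.

```python
"""Model of identity propagation A -> B -> C (constructed example, not MTS code).

Each host runs its COM server under a process identity.  On an inbound call the
serving thread impersonates the authenticated caller.  On an outbound call the
thread token is forwarded only if the authentication protocol supports
cross-host delegation; otherwise COM uses the process token, as NTLM forces.
The MTS role check on the final host sees whichever identity actually arrived.
"""
from dataclasses import dataclass, field
from typing import Optional

# Protocol -> whether an impersonated caller may be forwarded to another host.
# NTLM cannot delegate; the second entry is a constructed placeholder for contrast.
DELEGATION_SUPPORT = {"NTLM": False, "DELEGATING-PROTOCOL": True}


@dataclass
class Host:
    name: str
    process_identity: str                    # account the COM server runs as
    thread_identity: Optional[str] = None    # set while impersonating a caller
    roles: dict = field(default_factory=dict)  # role name -> set of NT users

    def receive_call(self, caller: str) -> None:
        # Authenticate the caller and impersonate on the serving thread
        # (models CoImpersonateClient with the caller's token).
        self.thread_identity = caller

    def outgoing_identity(self, protocol: str) -> str:
        # COM sends the thread token only when the protocol can delegate.
        if self.thread_identity and DELEGATION_SUPPORT.get(protocol, False):
            return self.thread_identity
        return self.process_identity

    def check_role(self, role: str, caller: str) -> bool:
        return caller in self.roles.get(role, set())


def identity_reaching(chain, first_caller, protocol):
    """Return the caller identity each host in the chain authenticates."""
    seen, caller = [], first_caller
    for host in chain:
        host.receive_call(caller)
        seen.append(caller)
        caller = host.outgoing_identity(protocol)
    return seen


def run_scenario(protocol="NTLM"):
    host_b = Host("B", process_identity="BOB")
    host_c = Host("C", process_identity="Charlie", roles={"Managers": {"Alice"}})
    seen = identity_reaching([host_b, host_c], "Alice", protocol)
    # Host C evaluates its role against the identity that reached it, not Alice.
    return seen, host_c.check_role("Managers", seen[-1])
```

With NTLM the role check on host C is evaluated against BOB, so Alice's role membership never comes into play.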