Enabling Access Checks at the Component Level

If your application includes a component that does not need security checks, you might decide to disable role checks for that component to improve performance. Or when debugging, it might be helpful to disable security so that you can concentrate on other aspects of program functionality.

By default, when you install a component, component-level access checks are enabled. However, this takes effect only when application-level access checks are enabled and when the security level is set to Perform access checks at the process and component level.

To enable or disable access checks at the component level

  1. In the console tree of the Component Services administrative tool, locate the COM+ application that contains the component for which you want to disable (or enable) role checks. Expand the view in the tree to view the components in the Components folder.

  2. Right-click the component for which you want to enable role checks, and then click Properties.

  3. In the component properties dialog box, click the Security tab.

  4. Select Enforce component level access checks to enforce component-level checks.

  5. Click OK.

The new setting will take effect the next time the application is started.

Note

As of Windows Server 2003, component-level access checks are disabled by default when creating a COM+ application. Access checks are enabled by default at the application level and disabled by default at the component level. Previously, access checks were disabled by default at the application level and enabled by default at the component level.

 

Assigning Roles to Components, Interfaces, or Methods

Configuring Role-Based Security

Defining Roles for an Application

Enabling Access Checks for an Application

Setting a Security Level for Access Checks