Platform SDK: Transaction Server
[This product will work only on Windows NT 4.0 versions and earlier. For Windows 2000 and later, see COM+ (Component Services).]
You will add the IsCallerInRole method to the MoveMoney and Account components to verify that the user running the Bank client is a manager. This additional code is the same for both components. You must modify both components because clicking Account in the Bank client doesn't use the MoveMoney component when the Sample Bank application runs.
To use IsCallerInRole in the MoveMoney and Account components
IsCallerInRole is a method on an object's context. IsCallerInRole returns TRUE if the direct caller of that object is assigned to a given role. You will use IsCallerInRole in the MoveMoney and Account components to verify if the caller of an object — in this case the user running the Bank client — is a manager.
    If (lngAmount > 500 Or lngAmount < -500) Then
        If Not GetObjectContext.IsCallerInRole("Managers") Then
            Err.Raise Number:=APP_ERROR, _
                Description:="Need 'Managers' role for amounts over $500"
        End If
    End If
Before you can use the new MoveMoney and Account components, you must create the role. The Manager role must exist before the call to IsCallerInRole; otherwise, you will get an error.
Note that the source code is bound to a role name scoped to a package. This creates a dependency between the source and the package definition that must be considered when modifying a package's security configuration, such as deleting a role.
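A fail-closed form of the role check, as an added example that is not part of the Sample Bank source or the SDK. The helper name and the two private constants are hypothetical, APP_ERROR is the constant the sample components already use, and the project is assumed to reference the Microsoft Transaction Server Type Library. It also tests IsSecurityEnabled, because IsCallerInRole returns True when security is not enabled for the object.

```vb
' Added example: goes in the MoveMoney and Account class modules.
' Assumes APP_ERROR is defined as in the sample components.
Private Const ROLE_MANAGERS As String = "Managers"  ' must match the role name in the package
Private Const LARGE_AMOUNT As Long = 500

' Hypothetical helper: raises APP_ERROR unless the direct caller
' is allowed to move lngAmount. Denies whenever the role cannot be verified.
Private Sub RequireManagerForLargeAmount(ByVal lngAmount As Long)
    Dim ctx As ObjectContext
    Dim blnInRole As Boolean

    ' Amounts within +/- 500 need no role (same test as the sample code).
    If lngAmount >= -LARGE_AMOUNT And lngAmount <= LARGE_AMOUNT Then Exit Sub

    Set ctx = GetObjectContext()
    If ctx Is Nothing Then
        ' Not running under MTS, so there is no role information.
        Err.Raise Number:=APP_ERROR, _
            Description:="No object context; cannot verify role"
    End If

    If Not ctx.IsSecurityEnabled() Then
        ' With security off, IsCallerInRole would answer True for everyone.
        Err.Raise Number:=APP_ERROR, _
            Description:="Security is not enabled; cannot verify role"
    End If

    ' IsCallerInRole raises an error if the role is not defined in the
    ' package (for example after the role was deleted). Treat any error
    ' as "not in role" instead of letting the check be skipped.
    On Error Resume Next
    blnInRole = ctx.IsCallerInRole(ROLE_MANAGERS)
    If Err.Number <> 0 Then
        blnInRole = False
        Err.Clear
    End If
    On Error GoTo 0

    If Not blnInRole Then
        Err.Raise Number:=APP_ERROR, _
            Description:="Need 'Managers' role for amounts over $500"
    End If
End Sub
```

Call the helper at the start of the method that performs the transfer, before any database work, so that a denied caller aborts the transaction without side effects.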
To define a role for the Sample Bank package
If you are currently running Sample Bank, you must shut down the associated server process to change security properties.
Run the Bank client. If you are logged on as a user in the Manager role, you will be able to perform transactions of any amount. However, if you are logged on as a user who isn't in the Manager role, you will get a warning message when attempting a transaction of more than $500. The transaction will then abort. If you don't have access to more than one account, try removing your user account from the role to see the role checking enforced.
See Also
Programmatic Security, Enabling MTS Package Security, Application Design Notes: Using Roles, IsCallerInRole method