CoInitializeSecurity()

A new

CoInitializeSecurity()
call allows a process to set a default security blanket. A security blanket is a suite of security parameters specifying the level of security required. A negotiation process takes place when a client connects to a server, when the system matches the security levels specified by the client to make sure it is at the same level or higher than those specified in the server's security blanket. More discussion of security and the
CoInitializeSecurity()
will be presented in Chapter 9. Typically, the
CoInitializeSecurity()
call is made after a call to
CoInitializeEx()
. If a process doesn't call
CoInitializeSecurity()
, COM will actually make the call on the process's behalf, using the defaults found in the registry (under the
AppID
key). This is how legacy non-DCOM aware components get to play along with DCOM-aware components, without having to worry about security.

Again, we'll discuss other DCOM related security interfaces, including the

IClientSecurity
,
IServerSecurity
, and
IAccessControl
interfaces (together with their associated helper functions) in Chapter 9.

© 1997 by Wrox Press. All rights reserved.