COM settings in OPC Classic client components

From OPC Labs Knowledge Base
Jump to navigation Jump to search

This article describes the internal effects of the UseCustomSecurity, TurnOffCallSecurity and TurnOffActivationSecurity settings.

COM and proxy initialization:

  • Without UseCustomSecurity: CoInitializeSecurity is not called, CoSetProxyBlanket is not called
  • With UseCustomSecurity (the default): CoInitializeSecurity is called, CoSetProxyBlanket is called

CoInitializeSecurity parameters:

  • Without TurnOffCallSecurity (the default): dwAuthnLevel = RPC_C_AUTHN_LEVEL_CONNECT (2); dwImpLevel = RPC_C_IMP_LEVEL_IMPERSONATE (3); pSecDesc = <by CSecurityDescriptor::InitializeFromThreadToken()>
  • With TurnOffCallSecurity: dwAuthnLevel = RPC_C_AUTHN_LEVEL_NONE (1); dwImpLevel = RPC_C_IMP_LEVEL_IMPERSONATE (3); pSecDesc = NULL

CoSetProxyBlanket parameters: dwAuthnLevel and dwImpLevel are the same as those used with CoInitializeSecurity.

COAUTHINFO* pAuthInfo in COSERVERINFO* passed to CoCreateInstanceEx (when machine name is not empty):

  • Without TurnOffActivationSecurity (the default): dwAuthnSvc = RPC_C_AUTHN_NONE; dwAuthzSvc = RPC_C_AUTHZ_NONE; pwszServerPrincName = NULL; dwAuthnLevel = RPC_C_AUTHN_LEVEL_NONE; dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE; pAuthIdentityData = NULL; dwCapabilities = EOAC_NONE;
  • With TurnOffActivationSecurity: NULL

(see https://docs.microsoft.com/en-us/windows/win32/com/turning-off-activation-security?redirectedfrom=MSDN)