COM settings in OPC Classic client components

From OPC Labs Knowledge Base
Revision as of 16:31, 20 October 2021 by User (talk | contribs)

This article describes the internal effects of the UseCustomSecurity, TurnOffCallSecurity and TurnOffActivationSecurity settings.

COM and proxy initialization:

  • Without UseCustomSecurity: CoInitializeSecurity is not called, CoSetProxyBlanket is not called
  • With UseCustomSecurity (the default): CoInitializeSecurity is called, CoSetProxyBlanket is called

CoInitializeSecurity parameters:

  • Without TurnOffCallSecurity (the default): dwAuthnLevel = RPC_C_AUTHN_LEVEL_CONNECT (2); dwImpLevel = RPC_C_IMP_LEVEL_IMPERSONATE (3); pSecDesc = <by CSecurityDescriptor::InitializeFromThreadToken()>
  • With TurnOffCallSecurity: dwAuthnLevel = RPC_C_AUTHN_LEVEL_NONE (1); dwImpLevel = RPC_C_IMP_LEVEL_IMPERSONATE (3); pSecDesc = NULL

CoSetProxyBlanket parameters: dwAuthnLevel and dwImpLevel are the same as those used with CoInitializeSecurity.

COAUTHINFO* pAuthInfo in COSERVERINFO* passed to CoCreateInstanceEx (when machine name is not empty):

  • Without TurnOffActivationSecurity (the default): dwAuthnSvc = RPC_C_AUTHN_NONE; dwAuthzSvc = RPC_C_AUTHZ_NONE; pwszServerPrincName = NULL; dwAuthnLevel = RPC_C_AUTHN_LEVEL_NONE; dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE; pAuthIdentityData = NULL; dwCapabilities = EOAC_NONE;
  • With TurnOffActivationSecurity: NULL

(see https://docs.microsoft.com/en-us/windows/win32/com/turning-off-activation-security?redirectedfrom=MSDN)