Microsoft KB Archive/282834

From BetaArchive Wiki

Article ID: 282834

Article Last Modified on 10/13/2006


APPLIES TO

  • Microsoft Java Virtual Machine, when used with:
    • Microsoft Windows 2000 Standard Edition
  • Microsoft Visual J++ 6.0 Standard Edition


This article was previously published under Q282834

SYMPTOMS

When you use COM+ to apply role-based security to a Visual J++ COM component custom interface, subsequent access to that interface results in a "Permission denied" (0x800A0046) error if the interface is called from Windows Scripting Host.

CAUSE

The Microsoft virtual machine (Microsoft VM) automatically implements an IDispatchEx interface, which the Scripting Host uses as the preferred interface when it invokes methods on the object. However, COM+ role-based security is applied to the custom interface that is defined by the user (IMyInterface_Dispatch). Therefore, COM+ expects calls to come in on IMyInterface_Dispatch but instead receives calls on IDispatchEx; the caller is denied permission because of this mismatch.

RESOLUTION

A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS


NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

This fix is included with the fixes that are described in the following Microsoft Knowledge Base article:

WORKAROUND

To work around this problem, use the com.ms.com.NoAutoScripting interface placeholder to disable automatic scripting support, and then declare a dual custom interface. This removes the IDispatchEx implementation, and the Scripting Host uses the custom interface instead.

For additional information about how to use the com.ms.com.NoAutoScripting interface placeholder to disable automatic scripting support, click the article number below to view the article in the Microsoft Knowledge Base:

172202 INFO: Implementing Java Automation Objects using AutoIDispatch


For additional information about how to declare a dual custom interface, click the article number below to view the article in the Microsoft Knowledge Base:

196894 HOWTO: Create Dual Interface COM Objects Using VJ++ 6.0


STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:

265173 The Datacenter Program and Windows 2000 Datacenter Server Product


For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:

296861 Use QChain.exe to Install Multiple Hotfixes with One Reboot


The following error message is displayed in the Event Viewer:

A method call to an object in a COM+ application was rejected because the caller is not properly authorized to make this call. The COM+ application is configured to use Application and Component level access checks, and enforcement of these checks is currently enabled. The remainder of this message provides information about the component method that the caller attempted to invoke and the identity of the caller.

Destination of the rejected call: Application Id: {9E045087-7566-460A-9B68-C0C1157ED463}
CLSID: {C6899F9C-37E9-4AC7-89F4-3D12EB03179D}
IID: {A6EF9860-C720-11D0-9337-00A0C90DCAA9} -- IDispatchEx
Method #: <Method Number>
Class: <Your Class>.<Your Method>
Interface: (unknown)
Method: (unknown)

Steps to Reproduce Behavior

  1. Create a new Visual J++ project.

  2. Add the following code into the Java source file that is created:

      public String sayHello() 
  {
    return("Hello World");
  }
  3. Build the project.
  4. Create a new COM+ application and enable role-based component checks.
  5. In Microsoft Management Console (MMC), use the Component Services Snap-In to create an new, empty COM+ application. For Activation Type, click Server Application. For Account, click Interactive User.
  6. Add the Visual J++ COM dynamic-link library (DLL) as a new component to the COM+ application.
  7. Create a new role, and add yourself as a new user.
  8. Set security at the Interface-Level for the Java Component. To do this, click to expand the component in the MMC tree view until you see the Interface (<name>_Dispatch). Right-click this interface, and then click Properties. Your role should appear under Roles Explicitly Set For Selected Item(s). To activate it, make sure that it is checked.

  9. When you write a .vbs file to call sayHello, it fails. The Event Log shows that it is trying to invoke on IDispatchEx.

      Dim a
  Set a = createObject("JavaBoom.Test")
  msgbox a.sayHello()



Additional query words: role vbscript 0x800A0046

Keywords: kbbug kberrmsg kbfix kbjava kbwin2000presp3fix KB282834



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/282834&oldid=318723
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki