CoSetProxyBlanket not supported from managed code

COM objects are represented in managed code by runtime callable wrappers. I have written a reasonable summary of runtime callable wrappers (RCWs) here that you should read to understand the concepts in this entry.

CoSetProxyBlanket is a useful API for controlling COM security settings such as authentication and impersonation at the granularity of the interface pointer. It is an API whose functionality should have been exposed as part of the runtime callable wrapper abstraction. Even worse than not including this functionality directly, if people attempt to PInvoke to CoSetProxyBlanket, FxCop will flag this as an invalid call.

The truth is that not including it was an oversight (and a bad one at that). Because of the design of RCWs, PInvoking to CoSetProxyBlanket with an interface pointer from an RCW will not reliably work, since there are many cases where we just fetch interface pointers on the fly using QueryInterface(), so the effect of the call to CoSetProxyBlanket() will be lost. Additionally, RCWs are shared by all users in the app domain, so even if your call hits one of the cached interface pointers on the RCW and the results are retained, it will affect everyone in the app domain using that object. For these reasons, we do not support calling CoSetProxyBlanket from managed code.

Unfortunately, people still need to call this API. The solution I recommend to all of these people is to write a small shim of native code that implements the interface whose security settings need to be modified. The native shim wraps the interface pointer but does the CoSetProxyBlanket call for the caller. From managed code, the user obtains an RCW to this shim and then makes the calls in the shim.

I realize that this is inconvenient, but the native shim should be trivial to write. ATL should make this something that can be done in under ten minutes.
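A portable C++ model of the behaviour described above, added here as an illustration and not code from the original post or from the CLR. `IfacePtr`, `RemoteProxy`, `Rcw`, `Shim` and `SetBlanket` (standing in for `CoSetProxyBlanket`) are constructed stand-ins, so it builds without the Windows SDK; a real shim would implement the actual COM interface and call `CoSetProxyBlanket` on the pointer it holds.

```cpp
#include <memory>

// Constructed stand-ins so the model builds without the Windows SDK.
enum class Authn { Default, PktPrivacy };

// One interface pointer on a proxy; the blanket is stored per pointer.
struct IfacePtr {
    Authn level = Authn::Default;
    Authn Invoke() const { return level; }  // level the call goes out with
};
using Ptr = std::shared_ptr<IfacePtr>;

// Proxied remote object: each QueryInterface yields a pointer with defaults.
struct RemoteProxy {
    Ptr QueryInterface() const { return std::make_shared<IfacePtr>(); }
};

// Stands in for CoSetProxyBlanket: changes only the pointer it is given.
void SetBlanket(IfacePtr& p, Authn level) { p.level = level; }

// RCW as the post describes it: one cached pointer shared by every caller
// in the app domain, while other calls fetch a pointer on the fly.
struct Rcw {
    const RemoteProxy& target;
    Ptr cached;
    explicit Rcw(const RemoteProxy& t) : target(t), cached(t.QueryInterface()) {}
    Authn Call(bool cacheHit) const {
        return (cacheHit ? cached : target.QueryInterface())->Invoke();
    }
};

// The shim: owns one pointer, sets the blanket once, forwards through it.
class Shim {
    Ptr inner_;
public:
    Shim(const RemoteProxy& t, Authn level) : inner_(t.QueryInterface()) {
        SetBlanket(*inner_, level);
    }
    Authn Call() const { return inner_->Invoke(); }
};

// Blanket set on the RCW's pointer, next call fetches a fresh one: setting lost.
Authn pinvoke_then_on_the_fly() {
    RemoteProxy r; Rcw w(r); SetBlanket(*w.cached, Authn::PktPrivacy); return w.Call(false);
}
// Another caller hits the cached pointer and inherits the change it never asked for.
Authn pinvoke_seen_by_other_caller() {
    RemoteProxy r; Rcw w(r); SetBlanket(*w.cached, Authn::PktPrivacy); return w.Call(true);
}
// Through the shim the pointer, and so its blanket, never changes.
Authn via_shim() { RemoteProxy r; Shim s(r, Authn::PktPrivacy); return s.Call(); }

int main() { return via_shim() == Authn::PktPrivacy ? 0 : 1; }
```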

I agree that this is a common scenario, and even though I can’t comment on specific features of future releases of the product, I will say that there is a high likelihood that this will be addressed in a future release of the product.