| Event Id | 4455 |
| Source | COM+ |
| Description | A method call to an object in a COM+ application was rejected because the caller is not properly authorized to make this call. The COM+ application is configured to use Application and Component level access checks, and enforcement of these checks is currently enabled. |
| Event Information | According to Microsoft: CAUSE: The warning is generated when the client makes a method call on the interface (corresponding to a non-configured object) returned to it by the configured COM+ component. This occurs because the non-configured COM object is created in the same context as the COM+ configured component. When the client makes a call to the non-configured COM object, the object context has no information about the destination interface and the security requirements of the destination interface. Because this is a non-configured component, the call is rejected. RESOLUTION: You must not pass out references of non-configured objects from configured components. You can experience issues similar to the one discussed earlier. To work around this problem assign the Role at the Component level. Another suggestion is to make the non-configured component configured. Then, you can specifically apply or you can deny role-based security. |
| Reference Links | PRB: Warning from COM+ Components When Using Role-Based Security INFO: COM+ Components Warning When You Use Role-Based Security at the Interface Level |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.