You are developing a Windows Communication Foundation (WCF) service that returns
location information for authorized law enforcement agencies. The service contract is as
follows. [ServiceContract] public interface IMappingService { [OperationContract] long[]
GetLocationCoordinates(String cityNaroe); [OperationContract] long[]
GetLocationOfCitizen(String ssn) ; } Users are authenticated and impersonated. The system
uses ASP.NET roles. The members of law enforcement are members of the
LawEnforcement role. You need to ensure that only members of the LawEnforcement role
can call these methods. What are two possible ways to achieve this goal? (Each correct
answer presents a complete solution. Choose two.)
A.
Add a Princip.ilPi imissionAttribute to each method that should be available only to
members of law enforcement. Set its SecurityAction to Demand and set the role equal to
LawEnforcement.
B.
Use the CurrentPrincipal property of the thread. Call the IsInRole method specifying
LawEnforcement as a parameter.
C.
Create a GenericPrincipal specifying Thread.CurrentPrincipal.Identity as the
IldentityParameter and LawEnforcement as the only value for the Roles parameter.
D.
At the beginning of each method, enumerate each ClaimSet in a new WindowsClaimSet.
Use the FindClaims method to locate a claim type named Role with a right named
LawEnforcement.
Explanation: