What are two possible ways to achieve this goal (Each correct answer presents a complete solution?

You are developing a Windows Communication Foundation (WCF) service that returns
location information for authorized law enforcement agencies. The service contract is as
follows. Users are authenticated and impersonated. The system uses ASP.NET roles. The
members of law enforcement are members of the LawEnforcement role. You need to
ensure that only members of the LawEnforcement role can call these methods. What are
two possible ways to achieve this goal (Each correct answer presents a complete solution?
Choose two.)

You are developing a Windows Communication Foundation (WCF) service that returns
location information for authorized law enforcement agencies. The service contract is as
follows. Users are authenticated and impersonated. The system uses ASP.NET roles. The
members of law enforcement are members of the LawEnforcement role. You need to
ensure that only members of the LawEnforcement role can call these methods. What are
two possible ways to achieve this goal (Each correct answer presents a complete solution?
Choose two.)

A.
Add a PrincipalPermissionAttribute to each method that should be available only to
members of law enforcement. Set its SecurityAction to Demand and set the role equal to
LawEnforcement.

B.
Use the CurrentPrincipal property of the thread. Call the IsInRole method specifying
LawEnforcement as a parameter.

C.
Create a GenericPrincipal specifying Thread.CurrentPrincipal.Identity as the
IIdentityParameter and LawEnforcement as the only value for the Roles parameter.

D.
At the beginning of each method, enumerate each ClaimSet in a new WindowsClaimSet.
Use the FindClaims method to locate a claim type named Role with a right named
LawEnforcement.



Leave a Reply 0

Your email address will not be published. Required fields are marked *