A self-hosted Windows Communication Foundation (WCF) service uses a secure HTTP binding with a custom principal permission mode.
The binding requires users to provide their Windows logon credentials. You need to retrieve the identity of the caller.
What are two possible properties you can use to achieve this goal? (Each correct answer presents a complete solution Choose two)
A.
Thread.CurrentPrincipal.Identity.Name
B.
HttpContext.Current.User.Identity.Name
C.
ServiceSecurityContext.Current.PrimaryIdentity.Name
D.
OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name
Explanation:
ServiceSecurityContext.PrimaryIdentity Gets the primary identity associated with the current setting.The primary identity is obtained from the credentials used to authenticate the current user.
If the credential is an X.509 certificate, the identity is a concatenation of the subject name and the thumbprint (in that order).
The subject name is separated from the thumbprint with a semicolon and a space.
If the subject field of the certificate is null, the primary identity includes just a semicolon, a space, and the thumbprint.eg:
[OperationContract]
public int GetAccountBalance()
{
//Block unauthorized users. SecurityException will return the correct SOAP Fault for this situation.
if (!OperationContext.Current.ServiceSecurityContext.WindowsIdentity. IsAuthenticated)
throw new SecurityException();//Retrieve the data for the current user.
return Database.GetBalanceForUser(OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Name);
}
CD