Which two actions should you perform?

You are creating a Windows Communication Foundation (WCF) service that accepts claims-based tokens.
You need to ensure that the service can use claims from trading partners even though there are variations on naming for the same elements.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

You are creating a Windows Communication Foundation (WCF) service that accepts claims-based tokens.
You need to ensure that the service can use claims from trading partners even though there are variations on naming for the same elements.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.
Register a custom Service Authorization Manager that implements Check Access.
In this method, use System.Convert.ChangeType to transform the incoming claim set to a WindowsClaimSet type.

B.
Apply a PrincipalPermission attribute on the operation with the required claims listed in the Roles property.

C.
Within the operation, verify the presence of the required claims in the current AuthorizationContext.

D.
Register an AuthorizationPolicy that maps external claims to an internal ClaimSet.

Explanation:
Authorization Policy
(http://msdn.microsoft.com/en-us/library/ms751416.aspx)

Authorization policy
A set of rules for mapping a set of input claims to a set of output claims.
Evaluating authorization policy results in claim sets being added to an evaluation context and subsequently an authorization context.



Leave a Reply 1

Your email address will not be published. Required fields are marked *