A Windows Communication Foundation (WCF) service uses a list of application-defined roles for operations.
These roles are stored in a database. You need to authorize calls against the list of roles retrieved from the database.
Which service behavior should you use to authorize the calls?
A.
<serviceAuthorization principalPermissionMode=”UseWindowsGroups” roleProviderName=”SqlProvider” />
B.
<serviceAuthorization principalPermissionMode=”None” roleProviderName=”SqlProvider” />
C.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles” roleProviderName=”SqlProvider” />
D.
<serviceAuthorization principalPermissionMode=”Custom” roleProviderName=”SqlProvider” />
Explanation:
<serviceAuthorization> element .NET Framework 4
Specifies settings that authorize access to service operationsSyntax:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceAuthorization><serviceAuthorization
impersonateCallerForAllOperations=”Boolean”
principalPermissionMode=”None/UseWindowsGroups/UseAspNetRoles/Custom”
roleProviderName=”String”
serviceAuthorizationManagerType=”String” />
<authorizationPolicies>
<add policyType=”String” />
</authorizationPolicies>
</serviceAuthorization>Remarks
This section contains elements affecting authorization, custom role providers, and impersonation.
The principalPermissionMode attribute specifies the groups of users to use when authorizing use of a protected method.
The default value is UseWindowsGroups and specifies that Windows groups, such as “Administrators” or “Users,”
are searched for an identity trying to access a resource. You can also specify UseAspNetRoles to use a custom role provider
that is configured under the <system.web> element, as shown in the following code.<system.web>
<membership defaultProvider=”SqlProvider” userIsOnlineTimeWindow=”15″>
<providers>
<clear />
<add
name=”SqlProvider”
type=”System.Web.Security.SqlMembershipProvider”
connectionStringName=”SqlConn”
applicationName=”MembershipProvider”
enablePasswordRetrieval=”false”
enablePasswordReset=”false”
requiresQuestionAndAnswer=”false”
requiresUniqueEmail=”true”
passwordFormat=”Hashed” />
</providers>
</membership>
<!– Other configuration code not shown.–>
</system.web>The following code shows the roleProviderName used with the principalPermissionMode attribute.
<behaviors>
<behavior name=”ServiceBehaviour”>
<serviceAuthorization principalPermissionMode =”UseAspNetRoles” roleProviderName =”SqlProvider” />
</behavior>
<!– Other configuration code not shown. –>
</behaviors>
Oh come on. All four answers are identical.
Fix.
So, the correct answer shoul be:
?
what is “c” not “b”
C