You work as an application developer at Domain.com. You are currently creating an application that requires role-based security.
You are planning to utilize a database to store the user accounts and group membership data. You need to ensure that users are able to log on and off.
You also need to ensure that the application you have created tracks the user accounts of these users, and restrict or allow access to code based on their group membership.
You need to achieve this objective with as little developer effort as possible.
What should you do to implement role-based security?
A.
Inherit from the GenericIdentity and GenericPrincipal classes.
B.
Make use of GenericIdentity and GenericPrincipal objects.
C.
Implement the IIdentity and IPrincipal interfaces.
D.
Make use of WindowsIdentity and WindowsPrincipal objects.
Explanation:
in this scenario, the GenericIdentity and GenericPrincipal objects could be implemented as follows:
GenericIdentity curIdentity = new GenericIdentity (“CurrentUser”); string [] roles = { “Users”, “Administrators” };
thread.CurrentPrincipal = GenericPrincipal (curIdentity, roles);
This code instantiates a GenericIdentity object based upon a user name as a string object, instantiates a string array representing the roles to which that user belongs, instantiates a GenericPrincipal object specifying the GenericIdentity object and string array of roles as arguments, and assigns the new GenericPrincipal object to the CurrentPrincipal property of the current thread. By assigning the new principal to the CurrentPrincipal property of the current thread, role membership checks can be performed using the IsInRole method Incorrect Answers:
A, C: These options require more developer effort than necessary.
D: The WindowsIdentity and WindowsPrincipal classes are intended for use with windows domain stored accounts and groups only.
Correct answer is B