You work as the application developer at Domain.com.
You are writing a method that will run through the credentials of the end user. Microsoft Windows groups must be used to authorize the user.
You must develop the code segment which will recognize if the user exists in the local group named Sales.
Choose the code segment that will do this.
A.
WindowsIdentity currentUser = WindowsIdentity.GetCurrent();
foreach (IdentityReference grp in currentUser.Groups) {
NTAccount grpAccount = ((NTAccount)grp.Translate(typeof(NTAccount)));
isAuthorized = grpAccount.Value.Equals(Environment.MachineName + @”Sales”);
if (isAuthorized) break;
}
B.
WindowsPrincipal currentUser = (WindowsPrincipal)Thread.CurrentPrincipal;
isAuthorized = currentUser.IsInRole(“Sales”);
C.
GenericPrincipal currentUser = (GenericPrincipal) Thread.CurrentPrincipal;
isAuthorized = currentUser.IsInRole(“Sales”);
D.
WindowsPrincipal currentUser = (WindowsPrincipal)Thread.CurrentPrincipal;
isAuthorized = currentUser.IsInRole(Environment.MachineName);
Explanation:
To check the role membership of the current Windows user, user the IsInRole() method of the WindowsPrincipal in the current thread. A it is a lot more complicated to iterate through all the groups the user belongs to and checking for matches. The Principal classes are for this very purposes and should be used.
C uses GenericPrincipal. WindowsPrincipal should be used for windows accounts. There is an invalid cast from WindowsPrincipal to GenericPrincipal.
D does not specify the group correctly.
Correct answer is B