You are developing an application that will use custom authentication and role-based security.
You need to write a code segment to make the runtime assign an unauthenticated principal object to each running thread.
Which code segment should you use?
A.
AppDomain domain = AppDomain.CurrentDomain;
domain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
B.
AppDomain domain = AppDomain.CurrentDomain;
domain.SetThreadPrincipal(new WindowsPrincipal(null));
C.
AppDomain domain = AppDomain.CurrentDomain;
domain.SetAppDomainPolicy(PolicyLevel.CreateAppDomainLevel());
D.
AppDomain domain = AppDomain.CurrentDomain;
domain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal);
Explanation:
Setting the PrincipalPolicy for the AppDomain to UnauthenticatedPrincipal will default the Principal for each thread to an unauthenticated principal .
A sets the policy to WindowsPrincipal, threads will have their principal set according the windows account that they are running as.
B SetThreadPrincipal() does not set the default policy for all new threads. Also a WindowsPrincipal is used instead of UnauthenticatedPrincipal.
C SetAppDomainPolicy is used to set the security policy level for the domain.
Correct answer is D