You are creating a Windows Communication Foundation (WCF) service by using Microsoft .NET Framework 3.5. The WCF service will validate certificates to authorize client applications. You write the following code segment.
class Store: IStore
{
public void RemoveOrder(int ordered)
{}
}
You need to ensure that only those client applications that meet the following criteria can access the RemoveOrder method:
“AdminUser” is the subject in the client certificate. “1bf47e90f00acf4c0089cda65e0aadcf1cedd592” is the thumbprint in the client certificate.
What should you do?
A.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Name=”AdminUser; 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”Windows”/>
B.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Role=”CN=AdminUser, 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”Windows”/>
C.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Role=”AdminUser, 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of
the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles”/>
D.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Name = “CN=AdminUser; 1bf47e90f00acf4c0089cda65e0aadcf1cedd592”)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles”/>
Explanation:
How to: Restrict Access with the PrincipalPermissionAttribute Class// Only a client authenticated with a valid certificate that has the
// specified subject name and thumbprint can call this method.
[PrincipalPermission(SecurityAction.Demand,
Name = “CN=ReplaceWithSubjectName; 123456712345677E8E230FDE624F841B1CE9D41E”)]
public double Multiply(double a, double b)
{
return a * b;
}<behaviors>
<serviceBehaviors>
<behavior name=”SvcBehavior1″>
<serviceAuthorization principalPermissionMode=”UseAspNetRoles” />
</behavior>
</serviceBehaviors>
</behaviors>http://msdn.microsoft.com/en-us/library/ms731200.aspx