What are two possible ways to achieve this goal?

seenagapeMay 25, 2012

You are developing a Windows Communication Foundation (WCF) service that returns location information
for authorized law enforcement agencies. The service contract is as follows:

[ServiceContract]
public interface IMappingService
{
[OperationContract]
long[] GetLocationCoordinates(String cityName);
[OperationContract]
long[] GetLocationOfCitizen(String ssn);
}

Users are authenticated and impersonated. The system uses ASP.NET roles.
The members of law enforcement are members of the LawEnforcement role.
You need to ensure that only members of the LawEnforcement role can call these methods.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
Add a PrincipalPermissionAttribute to each method that should be available only to members of law enforcement.
Set its SecurityAction to Demand and set the role equal to LawEnforcement.

B.
Use the CurrentPrincipal property of the thread. Call the IsInRole method specifying LawEnforcement as a parameter.

C.
Create a GenericPrincipal specifying Thread.CurrentPrincipal.Identity as the IIdentityParameter
and LawEnforcement as the only value for the Roles parameter.

D.
At the beginning of each method, enumerate each ClaimSet in a new WindowsClaimSet.
Use the FindClaims method to locate a claim type named Role with a right named LawEnforcement.

Explanation:
Thread.CurrentPrincipal Property
Gets or sets the thread’s current principal (for role-based security).
Thread.CurrentPrincipal Property
(http://msdn.microsoft.com/en-us/library/system.threading.thread.currentprincipal.aspx)
To demand user membership:
* Open the Windows Communication Foundation (WCF) code file that contains the implemented service contract code.
* Apply the PrincipalPermissionAttribute attribute to each method that must be restricted to a specific group.
* Set the Action property to Demand and the Role property to the name of the group.
For example:
// Only members of the CalculatorClients group can call this method.
[PrincipalPermission(SecurityAction.Demand, Role = “CalculatorClients”)]
public double Add(double a, double b)
{
return a + b;
}
How to: Restrict Access with the PrincipalPermissionAttribute Class
(http://msdn.microsoft.com/en-us/library/ms731200(v=vs.90).aspx)

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Microsoft Exam Questions

Free Microsoft Study Guide

What are two possible ways to achieve this goal?

One Comment on “What are two possible ways to achieve this goal?”

Leave a Reply Cancel reply