You work as a Software Developer for company Inc. The company uses Visual Studio.NET 2008 as its
application development platform. You have recently finished development of an ASP.NET Web
application using the .NET Framework 3.5. The application is deployed on the IIS 6.0 Web server by
using the default ASP.NET 2.0 application pool and Windows Authentication. The ASP.NET
application is capable of uploading files to a location on a different server. Users get an access
denied error message when they try to submit a file. You are required to amend the Web.config file
to accomplish this task. What will you do?
A.
Add the following configuration to the Web.config file:
<authorization>
<allow users="*" />
</authorization>
B.
Add the following configuration to the Web.config file:
<identity impersonate="false" />
C.
Add the following configuration to the Web.config file:
<anonymousIdentification enabled="true" />
D.
Add the following configuration to the Web.config file:
<identity impersonate="true" />
Explanation:
You will add the following configuration to the Web.config file:
<identity impersonate="true"/>
You will enable impersonation by setting the impersonate attribute of the identity element to true.
The identity element is part of the ASP.NET Settings Schema.
It is used to configure the identity of a Web application. The identity element can be declared at any
level in the configuration file hierarchy. Its syntax is as follows:
<identity impersonate="true|false"
userName="domain\username"
password="<secure password>"/>
The above syntax includes a password to show how the syntax works. In applications, it is
recommended to use a secure password. The impersonate attribute of the <identity> element
specifies whether or not client impersonation is used on each request. The impersonate attribute
can be set either to true or false. It is set to true when client impersonation is used. Otherwise, it is
false. Impersonation is a technique that allows the .NET process to act as an authenticated user or as
an arbitrarily specified user. For this purpose, an authenticated token is passed to a .NET application
for authenticating a user, or an unauthenticated token is passed to the .NET application for not
authenticating the user. The .NET application impersonates the received token only if impersonation is
enabled. Impersonation is applied only to those applications where .NET is used to communicate
with a server.
Answer C is incorrect. The anonymousIdentification element is part of the ASP.NET Settings Schema. It is
used to configure anonymous identification for application authorization. It is also required for
identifying entities that are not authenticated when authorization is needed. Its syntax is as follows:
Answer B is incorrect. In order to accomplish this task, the impersonate attribute should be set to true.
Answer A is incorrect. The <authorization> element is used to configure ASP.NET authorization
support. It contains <allow> and <deny> sub elements. These sub elements are used to allow or deny
access to a resource based on specific users or roles.
1. <allow> element: The <allow> element is used to allow access to a resource based on specific users
or roles. This element can be used with the following attributes:
The users attribute: The users attribute of the <allow> element is used to specify user names that
are allowed access to a resource. Setting this attribute to “*” allows all users to access the
application. Setting it to “?” allows only anonymous users to access the application.
The roles attribute: The roles attribute of the <allow> element is used to specify a comma-separated
list of roles that are granted access to a resource.
2. <deny> element: The <deny> element is used to deny access to a resource based on specific users
or roles. This element can be used with the following attributes:
The users attribute: The users attribute of the <deny> element is used to specify user names that are
denied access to a resource. Setting the users attribute to “*” will deny all users from accessing the
application. Setting this attribute to “?” will deny anonymous or unauthorized users from accessing
the application.
The roles attribute: The roles attribute of the <deny> element is used to specify a comma-separated
list of roles that are denied access to a resource.
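An added example, not part of the original page: a Python sketch that audits the <identity> settings described above in a Web.config file. For each scope it reports whether the application runs as the process identity, the authenticated caller, or a fixed account, and whether that account's password sits in the file in cleartext. The sample configuration, the account name CONTOSO\svc_upload and its password are constructed; values beginning with registry: are treated as references to credentials stored outside the file.

```python
import xml.etree.ElementTree as ET

# Constructed sample Web.config (account name and password are made up).
SAMPLE_CONFIG = r"""<configuration>
  <system.web>
    <identity impersonate="true" />
  </system.web>
  <location path="upload">
    <system.web>
      <identity impersonate="true"
                userName="CONTOSO\svc_upload"
                password="Sup3rSecret!" />
    </system.web>
  </location>
  <location path="reports">
    <system.web>
      <identity impersonate="false" />
    </system.web>
  </location>
</configuration>"""


def audit_identity(config_xml):
    """Return one (scope, mode, finding) tuple per <identity> element."""
    root = ET.fromstring(config_xml)
    # <identity> may sit at the top level or inside any <location> block.
    scopes = [("(root)", root)]
    scopes += [(loc.get("path", ""), loc) for loc in root.findall("location")]
    results = []
    for scope, node in scopes:
        for ident in node.findall("system.web/identity"):
            enabled = ident.get("impersonate", "false").lower() == "true"
            user = ident.get("userName", "")
            pwd = ident.get("password", "")
            if not enabled:
                mode, finding = "process identity", "ok"
            elif not user:
                mode, finding = "authenticated caller", "ok"
            elif pwd.startswith("registry:"):  # reference, not a literal
                mode, finding = "fixed account", "ok"
            else:
                mode, finding = "fixed account", "cleartext password in file"
            results.append((scope, mode, finding))
    return results


if __name__ == "__main__":
    for row in audit_identity(SAMPLE_CONFIG):
        print("%-8s %-22s %s" % row)
```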