DRAG DROP
You are developing an ASP.NET Web API for a home inventory management system.
You need to limit access to users with IP addresses based only in the United States.
You have the following code:
Which code segments should you include in Target 1 and Target 2 to complete the code? (To answer, drag the
appropriate code segments to the correct targets in the answer area. Each code segment may be used once,
more than once, or nor at all. You may need to drag the split bar between panes or scroll to view content.)
Select and Place:
The correct answer for Target 2: “AuthorizationContext”.
0
1
Web API -> HttpActionContext
MVC -> AutorizationContext
8
0
I agree, which means “HttpActionContext” is correct in this case.
0
0
I agree too
Web API -> HttpActionContext
MVC -> AutorizationContext
0
0
As we are considering a web api, the correct solution for Target 1 is AuthorizationFilterAttribute.
See the following link:
https://msdn.microsoft.com/en-us/library/system.web.http.filters.authorizationfilterattribute.onauthorization(v=vs.118).aspx#M:System.Web.Http.Filters.AuthorizationFilterAttribute.OnAuthorization(System.Web.Http.Controllers.HttpActionContext)
8
0
//
// Summary:
// Specifies the authorization filter that verifies the request’s System.Security.Principal.IPrincipal.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class AuthorizeAttribute : AuthorizationFilterAttribute
{
//
// Summary:
// Initializes a new instance of the System.Web.Http.AuthorizeAttribute class.
public AuthorizeAttribute();
//
// Summary:
// Gets or sets the authorized roles.
//
// Returns:
// The roles string.
public string Roles { get; set; }
//
// Summary:
// Gets a unique identifier for this attribute.
//
// Returns:
// A unique identifier for this attribute.
public override object TypeId { get; }
//
// Summary:
// Gets or sets the authorized users.
//
// Returns:
// The users string.
public string Users { get; set; }
//
// Summary:
// Calls when an action is being authorized.
//
// Parameters:
// actionContext:
// The context.
//
// Exceptions:
// T:System.ArgumentNullException:
// The context parameter is null.
public override void OnAuthorization(HttpActionContext actionContext);
//
// Summary:
// Processes requests that fail authorization.
//
// Parameters:
// actionContext:
// The context.
protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext);
//
// Summary:
// Indicates whether the specified control is authorized.
//
// Parameters:
// actionContext:
// The context.
//
// Returns:
// true if the control is authorized; otherwise, false.
protected virtual bool IsAuthorized(HttpActionContext actionContext);
}
0
0
Target 1: AuthorizationFilterAttribute
Target 2: HttpActionContext
2
0