PrepAway - Latest Free Exam Questions & Answers

What should you do?

You are creating a Windows Communication Foundation (WCF) service by using Microsoft .NET Framework 3.5. The WCF service will validate certificates to authorize client applications. You write the following code segment.

class Store: IStore
{
public void RemoveOrder(int ordered)
{}
}

You need to ensure that only those client applications that meet the following criteria can access the RemoveOrder method:

“AdminUser” is the subject in the client certificate. “1bf47e90f00acf4c0089cda65e0aadcf1cedd592” is the thumbprint in the client certificate.

What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Name=”AdminUser; 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”Windows”/>

B.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Role=”CN=AdminUser, 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”Windows”/>

C.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Role=”AdminUser, 1bf47e90f00acf4c0089cda65e0aadcf1cedd592″)]
Initialize the serviceAuthorization element of
the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles”/>

D.
Decorate the RemoveOrder method by using the following attribute.
[PrincipalPermission(SecurityAction.Demand, Name = “CN=AdminUser; 1bf47e90f00acf4c0089cda65e0aadcf1cedd592”)]
Initialize the serviceAuthorization element of the service behavior in the following manner.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles”/>

Explanation:
How to: Restrict Access with the PrincipalPermissionAttribute Class

// Only a client authenticated with a valid certificate that has the
// specified subject name and thumbprint can call this method.
[PrincipalPermission(SecurityAction.Demand,
Name = “CN=ReplaceWithSubjectName; 123456712345677E8E230FDE624F841B1CE9D41E”)]
public double Multiply(double a, double b)
{
return a * b;
}

<behaviors>
<serviceBehaviors>
<behavior name=”SvcBehavior1″>
<serviceAuthorization principalPermissionMode=”UseAspNetRoles” />
</behavior>
</serviceBehaviors>
</behaviors>

http://msdn.microsoft.com/en-us/library/ms731200.aspx


Leave a Reply