PrepAway - Latest Free Exam Questions & Answers

Which service behavior should you use to authorize the calls?

A Windows Communication Foundation (WCF) service uses a list of application-defined roles for operations.
These roles are stored in a database. You need to authorize calls against the list of roles retrieved from the database.
Which service behavior should you use to authorize the calls?

PrepAway - Latest Free Exam Questions & Answers

A.
<serviceAuthorization principalPermissionMode=”UseWindowsGroups” roleProviderName=”SqlProvider” />

B.
<serviceAuthorization principalPermissionMode=”None” roleProviderName=”SqlProvider” />

C.
<serviceAuthorization principalPermissionMode=”UseAspNetRoles” roleProviderName=”SqlProvider” />

D.
<serviceAuthorization principalPermissionMode=”Custom” roleProviderName=”SqlProvider” />

Explanation:
<serviceAuthorization> element .NET Framework 4
Specifies settings that authorize access to service operations

Syntax:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceAuthorization>

<serviceAuthorization
impersonateCallerForAllOperations=”Boolean”
principalPermissionMode=”None/UseWindowsGroups/UseAspNetRoles/Custom”
roleProviderName=”String”
serviceAuthorizationManagerType=”String” />
<authorizationPolicies>
<add policyType=”String” />
</authorizationPolicies>
</serviceAuthorization>

Remarks

This section contains elements affecting authorization, custom role providers, and impersonation.
The principalPermissionMode attribute specifies the groups of users to use when authorizing use of a protected method.
The default value is UseWindowsGroups and specifies that Windows groups, such as “Administrators” or “Users,”
are searched for an identity trying to access a resource. You can also specify UseAspNetRoles to use a custom role provider
that is configured under the <system.web> element, as shown in the following code.

<system.web>
<membership defaultProvider=”SqlProvider” userIsOnlineTimeWindow=”15″>
<providers>
<clear />
<add
name=”SqlProvider”
type=”System.Web.Security.SqlMembershipProvider”
connectionStringName=”SqlConn”
applicationName=”MembershipProvider”
enablePasswordRetrieval=”false”
enablePasswordReset=”false”
requiresQuestionAndAnswer=”false”
requiresUniqueEmail=”true”
passwordFormat=”Hashed” />
</providers>
</membership>
<!– Other configuration code not shown.–>
</system.web>

The following code shows the roleProviderName used with the principalPermissionMode attribute.

<behaviors>
<behavior name=”ServiceBehaviour”>
<serviceAuthorization principalPermissionMode =”UseAspNetRoles” roleProviderName =”SqlProvider” />
</behavior>
<!– Other configuration code not shown. –>
</behaviors>

 

4 Comments on “Which service behavior should you use to authorize the calls?


Leave a Reply