You are writing code for user authentication and authorization.

You are writing code for user authentication and authorization. The username, password, and
roles are stored in your application data store.
You need to establish a user security context that will be used for authorization checks such as
IsInRole. You write the following code segment to authorize the user.
if (!TestPassword(userName, password))
throw new Exception(“could not authenticate user”);String[] userRolesArray =
LookupUserRoles(userName); You need to complete this code so that it establishes the user
security context. Which code segment should you use?

A. GenericIdentity ident = new GenericIdentity(userName);GenericPrincipal currentUser =
    new GenericPrincipal(ident, userRolesArray);Thread.CurrentPrincipal = currentUser;
B. WindowsIdentity ident = new WindowsIdentiy(userName);WindowsPrincipal currentUser = new     
    WindowsPrincipal(ident);Thread.CurrentPrincipal = currentUser;
C. NTAccount userNTName = new NTAccount(userName);GenericIdentity ident = new   
    GenericIdentity(userNTName.Value);GenericPrincipal currentUser = new 
    GenericPrincipal(ident, userRolesArray);Thread.CurrentPrincipal = currentUser;
D. IntPtr token = IntPtr.Zero;token = LogonUserUsingInterop(username, 
    encryptedPassword);WindowsImpersonationContext ctx = 
    WindowsIdentity.Impersonate(token);


Answer: A 

No comments:

Post a Comment