Question:

You are writing code for user authentication and authorization. The username, password, and roles are stored in your application data store.

You need to establish a user security context that will be used for authorization checks such as IsInRole. You write the following code segment to authorize the user.

if (!TestPassword(userName, password))

throw new Exception("could not authenticate user");

String[] userRolesArray = LookupUserRoles(userName);

You need to complete this code so that it establishes the user security context.

Which code segment should you use?

 

A NTAccount userNTName = new NTAccount(userName);
GenericIdentity ident = new GenericIdentity(userNTName.Value); GenericPrincipal currentUser= new GenericPrincipal(ident, userRolesArray); Thread.CurrentPrincipal = currentUser; 

B IntPtr token = IntPtr.Zero;
token = LogonUserUsingInterop(userName, encryptedPassword); WindowsImpersonationContext ctx =
WindowsIdentity.Impersonate(token); 

C WindowsIdentity ident = new WindowsIdentity(userName); WindowsPrincipal currentUser = new WindowsPrincipal(ident); Thread.CurrentPrincipal = currentUser; 

D GenericIdentity ident = new GenericIdentity(userName); GenericPrincipal currentUser =
new GenericPrincipal(ident, userRolesArray);
Thread.CurrentPrincipal = currentUser; 

+ Answer
+ Report
Total Preview: 673

Copyright © 2024. Powered by Intellect Software Ltd