You are developing a Windows Communication Foundation (WCF) service that returns location information
for authorized law enforcement agencies. The service contract is as follows:
[ServiceContract]
public interface IMappingService
{
    [OperationContract]
    long[] GetLocationCoordinates(String cityName);

    [OperationContract]
    long[] GetLocationOfCitizen(String ssn);
}
Users are authenticated and impersonated. The system uses ASP.NET roles.
The members of law enforcement are members of the LawEnforcement role.
You need to ensure that only members of the LawEnforcement role can call these methods.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Add a PrincipalPermissionAttribute to each method that should be available only to members of law enforcement. Set its SecurityAction to Demand and set the role equal to LawEnforcement.
B. Use the CurrentPrincipal property of the thread. Call the IsInRole method specifying LawEnforcement as a parameter.
C. Create a GenericPrincipal specifying Thread.CurrentPrincipal.Identity as the IIdentity parameter and LawEnforcement as the only value for the Roles parameter.
D. At the beginning of each method, enumerate each ClaimSet in a new WindowsClaimSet. Use the FindClaims method to locate a claim type named Role with a right named LawEnforcement.