Imperative RBS Demands
Very popular measure, steps and actions to take to avoid unauthorized access, use and modifications of data, files, permissions etc.
These are necessary, crucial, vital, urgent and very important access restrictions. These are declared within the code itself, used best in order to restrict access to portions of code on a very granular basis. Specifying these imperatives, means creating applications that restricts access to portions of application-logic. User security access enabler, utility and process.
These are more specific than the declarative RBS demands (see defined elsewhere) and can be applied to portions of, not merely the whole method. There are FOUR elements to the code that have to be present for Imperative RBS demands. They are:
• System.App.Domain.CurrentDomain.SetPrincipalPolicy method
• Try/Catch block for underprivileged users, access attempts, reporting the error, logging it
• Principal.Permission Object, set according to the specific instructions, restrictions, you want to impose
• A call to the Principal.Permission.Demand Method to declare the methods access requirements.
Different from the declarative RBS demands, there are also THREE overloaded constructors to take care of and into consideration: (i) permission state (ii) name and role (iii) name, Role, Authenticated.
Access is then allowed or denied based on these specifications and permissions settings. Custom identities and special interfaces can also utilize these processes and utilities (WindowsIdentity, WindowsPrincipal)
Key Exam Points
Review the chapters, relevant content and references pertaining to Authenticating and Authorizing users, User and Data Security, Permissions, Permission sets, Security Policies, RBS Demands (declarative & Imperative), how they differ, when best to use what, where, how and why.
For the exam, study examples for creating, implementing real-life imperative RBS Demands, that help you to gain a better understanding of this topic.
- Take the practice exam, test sample questions (with answers/solutions) Q&A, practical work-lab exercises, scenarios and application illustrations
Authentication, Authorization, Declarative RBS Demands.
This article is based on the 2nd edition of the Microsoft .Net Framework Application Training Kit with the purpose to help 70-536 Exam takers to succeed. I constantly look for ways to improve the content. Please leave a comment about this article or drop me a message if you would like to see changes for this site.