I feel like I am sooo close to being ready to sit this exam (70-316), this is an area that Ijust can't seem to get stuck into my thick skull. I have
looked at many different sites and text's but I have found they all just seem to say the same thing.
I know there are several really smart guys here, so I was hoping you guys would be kind enough to just post your own answers to the following questions,
I'd really appreciate it.
Define/Describe "Code Access Security".
Define/Describe "Role-Based Security".
Can you give an example of when you have used both/either of them in your projects (a brief summary of how and why would be fine!)
So you know I am not just looking to freeload the question, here is my understanding so far (which I am of course writing from memory, so there is bound
to be mistakes!) plus any points I am struggling with:
1. Code-Access security is about ensuring code has the appropriate access level to run. This is defined by Permission
objects, of which there are
many specialised classes that represent different resources (such as FileIO & DialogBoxes). This can either be Declarative
(declared at compile
time in the code) or Imperative
requested at runtime.
How does this [roughly] work? How do Permission Sets and Intersectioning work?
2. Role-Based security ensures that the specified user
is authorised to perform an action. This revolves a lot around the Principle
which represents a user. RB security enables you to check that the current user is authenticated within Windows and part of a group within a domain.
Kinda the same question here really? Any better, more complete descriptions around?
3. Never :)
Very many thanks guys, I know these questions are kind of wooly, but I am looking more for chit-chat than code! :)
The Developing Developer
Currently Working Towards: MCAD C#
My Blog: http://robzyc.spaces.live.com