For your first question , I think you are thinking too deep.
Isn`t it will be great to handle security programmaticaly rather than coding your security logic into
servlet code.
And for your second question , the question is asking about doXXX() methods , not the methods that you can request to web server.
In HttpServlet (abstract class) we have doDelete() , doOptions() , doGet() , doPut() , doPost() , doTrace() ,doHead() .
so only 7 methods .
Tea Addict, Oracle Java Programmer , Oracle SQL Expert , Oracle Java Web Component Developer, Oracle Web Service Developer