Thanks Mani,
But now I have doubt again:
8.Consider the web.xml snippet shown in the exhibit.
Now consider the code for a
jsp file named unprotected.jsp:
<html>
<body>
<jsp:include page="/jsp/protected.jsp" />
</body>
</html>
Which of the following statements hold true when unprotected.jsp is requested by an unauthorized user?
<web-app>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>
test</web-resource-name>
<url-pattern>/jsp/protected.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
...
</web-app>
Select 1 correct option.
A.The user will be prompted to enter user name and password
B.An exception will be thrown
C.protected.jsp will be executed but it's output will not be included in the response
D.The call to include will be ignored
E.None of these
ANS : E
I think the answer should be B, because it is attempting to access unauthorized resource. Can someone explain this?
Thanks a lot.