Do anyone recall what type of question(s) is given on session management ? Also, in HTTP security is there any authentication mechanism outside the 4 (BASIC/DIGEST/FORM/CLIEN-CERT) given in the objectives ? Thanks, -PP
Do anyone recall what type of question(s) is given on session management ?
Section 5 - Designing and Developing Servlets Using Session Management 5.1 Identify the interface and method for each of the following: �Retrieve a session object across multiple requests to the same or different servlets within the same WebApp �Store objects into a session object �Retrieve objects from a session object �Respond to the event when a particular object is added to a session �Respond to the event when a session is created and destroyed �Expunge a session object 5.2 Given a scenario, state whether a session object will be invalidated. 5.3 Given that URL-rewriting must be used for session management, identify the design requirement on session-related HTML pages.
Also, in HTTP security is there any authentication mechanism outside the 4 (BASIC/DIGEST/FORM/CLIEN-CERT) given in the objectives ?
For the exam, no. 6.1 Identify correct descriptions or statements about the security issues: �Authentication, authorization �Data integrity �Auditing �Malicious code �Web site attacks 6.2 Identify the deployment descriptor element names, and their structure, that declare the following: �A security constraint �A Web resource �The login configuration �A security role 6.3 Given an authentication type: BASIC, DIGEST, FORM, and CLIENT-CERT, identify the correct definition of its mechanism.