I got a litlle confused with some issues reagrding "IF" and "FC".
1 - What is the best pattern for "authentication" and "authorization" issues?
2- What is teh best pattern for validing request params?
1) If the logic of authentication and authorization is common for all or a lot of servlets in a web application, then you should encapsulate the logic in a filter class. I had a question in similar context during the exam, I chose Intercepting Filter pattern and was marked correct.
2) I will say Front Controller because Strut allows developer to define a form bean to validate request parameters and then forward the request to appropriate page based on the result of the validation.