aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes To the authors - HFSJ doesnt mention this !! Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "To the authors - HFSJ doesnt mention this !! " Watch "To the authors - HFSJ doesnt mention this !! " New topic
Author

To the authors - HFSJ doesnt mention this !!

Niranjan Deshpande
Ranch Hand

Joined: Oct 16, 2005
Posts: 1277
Hi all,

1)In chapter on security in FORM based authentication example,HFSJ says
the action,user name, and password html controls should have these names -
j_security_check, j_username, j_password. But it never says what will happen if we dont follow this ?
while i was appearing for mocks from other books i came to know this -
if the action name is other than j_security_check, we dont get any error,
intead the login.html page is redisplayed.

2)Also the book doesnt say anything whether the "/" in the
<form-error-page> or <form-login-page> is mandatory or not ?
while i was appearing for mocks from other books i came to know this -
if we donr use the slash, the web app fails to start as we get a XML parsing error.

3)in the <servlet> tag, is the order
<servlet-name>
<servlet-class>
mandatory ?
while i was appearing for mocks from other books i came to know this -
yes, it is, i.e you should not alter this order. HFSJ doesnt tell this.

Any comments from the authors ??


SCJP 1.4 - 95% [ My Story ] - SCWCD 1.4 - 91% [ My Story ]
Performance is a compulsion, not a option, if my existence is to be justified.
Bryan Basham
author
Ranch Hand

Joined: Apr 30, 2001
Posts: 199
Hello Niranjan,

First, the servlet spec is also rather vague about what happens if you accidentally or deliberately misspell the j_*** names in the login form. Because of this vagueness, the web container behavior is "vendor specific".

Second, yes, the "/" is mandatory. The URLs for the login and error pages must be absolute paths (with respect to the webapp).

Lastly, the order of XML elements in the web.xml (servlet configuration) file is no longer important. The DTD for servlet spec v2.3 *was* order dependent, but that was relaxed in servlet spec v2.4.

Hope that helps,
Bryan
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: To the authors - HFSJ doesnt mention this !!