aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes HFSJ Mock Exam 1.5 Errata Discussion Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "HFSJ Mock Exam 1.5 Errata Discussion" Watch "HFSJ Mock Exam 1.5 Errata Discussion" New topic
Author

HFSJ Mock Exam 1.5 Errata Discussion

Amit Prakash Singh
Ranch Hand

Joined: May 11, 2006
Posts: 38
Your web application has a valid dd with a single <security-constraint> tag.
Within this tag exists:
- a single http method that declares GET
All of the resources in your application exist within directory1 and directory2 and the only defined roles are BEGINNER and EXPERT.
If you want to restrict BEGINNERs from using resources in directory2, which are true about the url and role tag(s) you should declare? (Choose all that apply.)
A. A single url tag should declare directory1 and a single role tag should declare EXPERT.
B. A single url tag should declare directory2 and a single role tag should declare EXPERT.
C. A single url tag should declare directory1 and a single role tag should declare BEGINNER.
D. A single url tag should declare directory2 and a single role tag should declare BEGINNER.
E. One url tag should declare ANY and its role tag should declare EXPERT, and another url tag should declare directory2 and its role tag should declare BEGINNER.
F. One url tag should declare both directories, and its role tag should declare EXPERT, and another url tag should declare directory1 and its role

Answer Given : D, Answer Shoild be: B

since if we mention any role in the <auth-constratint>, the role is allowd to make the request and others are not. Same way here, if ansder D is true, then Beginner would be able to make request.

Please correct me If I got the answer wrong?


Amit Prakash Singh<br /> <br />SCJP 1.4 93% <br />SCWCD1.5 85%
Jay Palaniappan
Greenhorn

Joined: Jul 10, 2008
Posts: 3
I agree with you on this. It should be B not D. Many answers in final mock exam of HFSJ 1.5 is debatable and open to interpretation. I would love to list all the questions but it might take few hrs of work. Please do not rely on the answers given. If you have any doubt try to build your own code to test the answer and also refer to JSP and J2EE specs for clarification.
Amit Prakash Singh
Ranch Hand

Joined: May 11, 2006
Posts: 38
Next Question 58:

Your Java EE web application is gaining in popularity and you decide to add a second server to support the volume of client requests. Which are true about the migration of a session from one server to the other? (Choose all that apply.)
A. Such migrations are not possible within a session.
B. When a session is migrated, its HttpSession goes with it.
C. When a session is migrated, its ServletContext goes with it.
D. When a session is migrated, its HttpServletRequest goes with it.
E. If an object is added using HttpSession.setAttribute, the object must be Serializable in order to be migrated from one server to the other.
F. If an object is added using HttpSession.setAttribute, and the object�s class has implemented Serializable.readObject and Serializable.writeObject, and the session is migrated, the container will invoke these readObject and writeObject methods.
G. If a session attribute implements HttpSessionActivationListener, the container�s only requirement is to notify listeners once the session has been activated on the new server

Answer Given is : B and E,

But option E is debatble : because as per HFSJ page - 260: "make sure your attribute class types are Serializable and you never have to worry about it.But if they�re not Serializable (which could be because one of the attribute object�s instance variables is not Serializable), have your attribute object class implement HttpSessionActivationListener and use the activation/passivation callbacks to work around it"

So object must be serializable doesn't holds true according to the comment?

Please make your statements...

Thanks
Amit
sridhar row
Ranch Hand

Joined: Jan 16, 2008
Posts: 162
Amit Prakash Singh wrote:Your web application has a valid dd with a single <security-constraint> tag.
Within this tag exists:
- a single http method that declares GET
All of the resources in your application exist within directory1 and directory2 and the only defined roles are BEGINNER and EXPERT.
If you want to restrict BEGINNERs from using resources in directory2, which are true about the url and role tag(s) you should declare? (Choose all that apply.)
A. A single url tag should declare directory1 and a single role tag should declare EXPERT.
B. A single url tag should declare directory2 and a single role tag should declare EXPERT.
C. A single url tag should declare directory1 and a single role tag should declare BEGINNER.
D. A single url tag should declare directory2 and a single role tag should declare BEGINNER.
E. One url tag should declare ANY and its role tag should declare EXPERT, and another url tag should declare directory2 and its role tag should declare BEGINNER.
F. One url tag should declare both directories, and its role tag should declare EXPERT, and another url tag should declare directory1 and its role

Answer Given : D, Answer Shoild be: B

since if we mention any role in the <auth-constratint>, the role is allowd to make the request and others are not. Same way here, if ansder D is true, then Beginner would be able to make request.

Please correct me If I got the answer wrong?


Sorry to open an old thread...but I feel even B is not the right answer as BEGINNER will still be able to access resources in directory2 using HTTP methods other than GET..Please correct me if I'm wrong.
Sourin K. Sen
Ranch Hand

Joined: May 02, 2006
Posts: 86
sridhar row wrote:
Sorry to open an old thread...but I feel even B is not the right answer as BEGINNER will still be able to access resources in directory2 using HTTP methods other than GET..Please correct me if I'm wrong.

That's very true. BEGINNER can use other HTTP methods to access the resource. I think the question maker left out something in it by mistake.


Regards,<br />Sourin.
Sourin K. Sen
Ranch Hand

Joined: May 02, 2006
Posts: 86
Amit Prakash Singh wrote:
But option E is debatble : because as per HFSJ page - 260: "make sure your attribute class types are Serializable and you never have to worry about it.But if they�re not Serializable (which could be because one of the attribute object�s instance variables is not Serializable), have your attribute object class implement HttpSessionActivationListener and use the activation/passivation callbacks to work around it"

So object must be serializable doesn't holds true according to the comment?

E is not debatable, it IS wrong. Option B is the only correct answer.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: HFSJ Mock Exam 1.5 Errata Discussion
 
Similar Threads
SCWCD 1.5 HFSJ Final Mock exam queries
Final Mock Test Question 49,69, Head First and Servlets
HFSP 2nd edition Mock Exam Q69
How come 'D' Option correct
HFSJ 2nd edition Mock exam questions 6, 11,26,34,49 and 69