aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes auth constraint Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "auth constraint" Watch "auth constraint" New topic
Author

auth constraint

Amandeep Singh
Ranch Hand

Joined: Jul 17, 2008
Posts: 844
Consider the following web.xml snippet:

<security-constraint>
<web-resource-collection>
<web-resource-name>wholesale</web-resource-name>
<url-pattern>/acme/wholesale/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>

<auth-constraint>
<role-name>SALES</role-name>
</auth-constraint>

</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>wholesale</web-resource-name>
<url-pattern>/acme/wholesale/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>

<<<< INSERT AUTH CONSTRAINT HERE >>>>
</security-constraint>

Insert an auth-constraint in the above code so that a user in role of SALES or MKTING can access the specified web resource collection.


select 2 option's

1) <auth-constraint>
<role-name>MKTING</role-name>
</auth-constraint>

2) <auth-constraint>
<role-name>ANY</role-name>
</auth-constraint>

3) <auth-constraint>
<role-name>*</role-name>
</auth-constraint>

4) <auth-constraint>
<role-name>SALES, MKTING</role-name>
</auth-constraint>

5) <auth-constraint>
<role-name>ALL</role-name>
</auth-constraint>

6) <auth-constraint></auth-constraint>

This is from Enthuware.

The correct answer given is 1 and 3.

But according to me the correct answer should be 1 and 4.

How come answer 3 is correct as this will allow every role to access the specified web resource collection. But question hat a user in role of SALES or MKTING can access the specified web resource collection.

Please advice.


SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
kurt hanni
Ranch Hand

Joined: Aug 11, 2007
Posts: 140

#4 is wrong as you cannot put two names in one <role-name> tag.

#3 is correct as it will allow all roles to access the constraint, including roles SALES and MKTING.

Note the question it did not say "only" SALES and MKTNG, it says how you could make this two roles access the constratint so applying *(all) gives SALES and MKTING access, so #4 is correct.



SCJA, SCJP, SCJD, SCMAD, SCWCD, SCBCD, SCDJWS, SCEA, SOA, Spring Certified, OCP MySQL 5 Developer, PMP
Amandeep Singh
Ranch Hand

Joined: Jul 17, 2008
Posts: 844
Thanks Kurt, i thought this based upon the tomcat-users.xml file, where in roles we can put more than 1 role.

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="admin" password="" roles="admin,manager"/>
<user username="rocky" password="rocky" roles="manager"/>
</tomcat-users>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: auth constraint