• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

<auth-method>BASIC</auth-method> doubt??

 
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Which of the following security mechanisms utilizes the concept of a realm?


1. Basic
2. Digest
3. Form
4. client-cert

The given answer is 1. Is this means whenever we have to use Basic as a Authentication mechanisam, we have to specify the relam also.???

like <web-app>
...
<login-config>
<!-- auth-method can be: BASIC, FORM, DIGEST, or CLIENT-CERT -->
<auth-method>BASIC</auth-method>
<realm-name>TestRealm</realm-name>
</login-config>
...
</web-app>

<realm-name>TestRealm</realm-name> is this the mandatory element while using Basic as <auth-method>?? because I might not noticed if HFSJ talks about it.

Thanks
 
Sheriff
Posts: 9707
43
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well if you read the question again

Which of the following security mechanisms utilizes the concept of a realm?



Here utilizes doesn't mean that you are forced to use it. So I don't think that the realm-name attribute is mandatory...
 
Poonam Agarwal
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hmmmn... Good observation ankit

thnaks budy
 
Ankit Garg
Sheriff
Posts: 9707
43
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Not related to the question, but I think poonam you make a lot of typos . I think you must concentrate on that along with SCWCD . Don't take this as an insult or something. This is said in good sense from all the angles ...
 
Poonam Agarwal
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Don't take this as an insult or something. This is said in good sense from all the angles



I won't as I don't know you Indeed
 
Poonam Agarwal
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By the way , ankit, this post is cover the exam objective for security and other related stuff.
I think you need a one more glance at the Objectives of the SCWCD

Don't mind its just a advice budy
 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The Digest method of HTTP authentication challenges the client with a realm and the client is supposed to hash together the username password and realm. wiki Digest authentication. According to the rfc the realm is sent to the client for basic and digest authentication but it is only used for the return value for digest. Reference here. Am I just misunderstanding the question?
reply
    Bookmark Topic Watch Topic
  • New Topic