wood burning stoves 2.0*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes <auth-method>BASIC</auth-method> doubt?? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "<auth-method>BASIC</auth-method> doubt??" Watch "<auth-method>BASIC</auth-method> doubt??" New topic
Author

<auth-method>BASIC</auth-method> doubt??

Poonam Agarwal
Ranch Hand

Joined: May 12, 2008
Posts: 323
Which of the following security mechanisms utilizes the concept of a realm?


1. Basic
2. Digest
3. Form
4. client-cert

The given answer is 1. Is this means whenever we have to use Basic as a Authentication mechanisam, we have to specify the relam also.???

like <web-app>
...
<login-config>
<!-- auth-method can be: BASIC, FORM, DIGEST, or CLIENT-CERT -->
<auth-method>BASIC</auth-method>
<realm-name>TestRealm</realm-name>
</login-config>
...
</web-app>

<realm-name>TestRealm</realm-name> is this the mandatory element while using Basic as <auth-method>?? because I might not noticed if HFSJ talks about it.

Thanks


Thanks <br />Poonam Agarwal SCWCD 86%
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9293
    
  17

Well if you read the question again

Which of the following security mechanisms utilizes the concept of a realm?


Here utilizes doesn't mean that you are forced to use it. So I don't think that the realm-name attribute is mandatory...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Poonam Agarwal
Ranch Hand

Joined: May 12, 2008
Posts: 323
hmmmn... Good observation ankit

thnaks budy
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9293
    
  17

Not related to the question, but I think poonam you make a lot of typos . I think you must concentrate on that along with SCWCD . Don't take this as an insult or something. This is said in good sense from all the angles ...
Poonam Agarwal
Ranch Hand

Joined: May 12, 2008
Posts: 323
Don't take this as an insult or something. This is said in good sense from all the angles


I won't as I don't know you Indeed
Poonam Agarwal
Ranch Hand

Joined: May 12, 2008
Posts: 323
By the way , ankit, this post is cover the exam objective for security and other related stuff.
I think you need a one more glance at the Objectives of the SCWCD

Don't mind its just a advice budy
Benjamin Hiner
Greenhorn

Joined: Feb 27, 2009
Posts: 12
The Digest method of HTTP authentication challenges the client with a realm and the client is supposed to hash together the username password and realm. wiki Digest authentication. According to the rfc the realm is sent to the client for basic and digest authentication but it is only used for the return value for digest. Reference here. Am I just misunderstanding the question?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: <auth-method>BASIC</auth-method> doubt??