my dog learned polymorphism*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Head first book mock exam doubt Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Head first book mock exam doubt" Watch "Head first book mock exam doubt" New topic
Author

Head first book mock exam doubt

Amru Jahagirdar
Ranch Hand

Joined: Sep 16, 2009
Posts: 39
I have head first servlet & jsp 2nd edition book.

In the final mock exam question no 30. is

In DD we have 2 security roles defined : student and sebsei.
There are 2 security constraint elements that declare same resource to be constrained.

First security constraint is:

<aurth-constraint>
<role-name> student <role-name>
</aurth-constraint>

Second security constraint has:
<aurth-constraint/>

The answer given in book is option D that says:

If second <aurth-constraint> element is removed, the constrained resource can be accessed by both the roles.

But I think the answer should be option F that says:

If second <aurth-constraint> element is removed, the constrained resource can be accessed by only student role.

Please let me know.
Bindu Lakhanpal
Ranch Hand

Joined: Oct 17, 2008
Posts: 165

Errata
Amru Jahagirdar
Ranch Hand

Joined: Sep 16, 2009
Posts: 39
Thanks Bindu...
Tommi Vd
Ranch Hand

Joined: Apr 23, 2009
Posts: 49
is it me or are the exams from the head first book more difficult than others and those on the exam?
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9293
    
  17

Thomas Van Driessche wrote:is it me or are the exams from the head first book more difficult than others and those on the exam?


No its not you, the questions on the Head First book are tougher than the real exam...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Pete Pommelich
Greenhorn

Joined: Oct 14, 2009
Posts: 6
Hi,

I don't understand this yet. If we have the following part of the DD


And we remove the second <auth-constraint/>, the above DD part is equal to the following

(see page 669 2nd Edition) which means, everbody can make a request for the constraint resource. Or am I wrong?

Kind Regards,
Pete
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9293
    
  17

Yes you are right. If there's no auth-constraint element for a security constraint element, then every user can access that resource...
Pete Pommelich
Greenhorn

Joined: Oct 14, 2009
Posts: 6
So, answer D
If second <aurth-constraint> element is removed, the constrained resource can be accessed by both the roles.
is still correct, isn't it?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Head first book mock exam doubt