permaculture playing cards*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Regarding Security Constraint Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Regarding Security Constraint" Watch "Regarding Security Constraint" New topic
Author

Regarding Security Constraint

yekkala krishna
Ranch Hand

Joined: Mar 04, 2007
Posts: 105
Hi,

I am following Hanumant Deshmukh material for preparation of SCWCD Exam.I have small query regarding the following question.Can Anybody expalain the below question?

3. class MyServlet extends HttpServlet {
4. public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
5. // servlet code here ...
26. }
27. }
If the DD contains a single security constraint associated with MyServlet and its only <http-method> tags
and <auth-constraint> tags are:
<http-method>GET</http-method>
<http-method>PUT</http-method>
<auth-constraint>Admin</auth-constraint>
Which four requests would be allowed by the container? (Choose four.)

A. A user whose role is Admin can perform a PUT.
B. A user whose role is Admin can perform a GET.
C. A user whose role is Admin can perform a POST.
D. A user whose role is Member can perform a PUT.
E. A user whose role is Member can perform a POST.
F. A user whose role is Member can perform a GET.

Answer: A, B, C, E

Waiting for your reply:

With Regards,
Rama Krishna.Y
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9303
    
  17

Is there anything specific that you didn't understand?? Whenever we apply a security constraint to a resource, then the restriction applies to only the http methods that we constraint. Other http methods can be accessed by anyone. So if you constraint the GET and PUT methods on a resource, anyone can make a POST or DELETE etc request on that resource...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
yekkala krishna
Ranch Hand

Joined: Mar 04, 2007
Posts: 105
Hi Ankit,

Thanks for your reply.Now i got clear idea regarding Security Constraint.

With Regards,
Rama Krishna.Y
Łukasz Suchecki
Ranch Hand

Joined: Aug 04, 2009
Posts: 55
please post PROPER web.xml fragments.
There should be

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Regarding Security Constraint