This week's book giveaway is in the Design forum.
We're giving away four copies of Design for the Mind and have Victor S. Yocco on-line!
See this thread for details.
Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

<security-constraint> doubt

 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Source : Marcus

Which statements are true of the following snippet of a deployment descriptor.



A. It is faulty becasue it has multiple security-constraint elements Incorrect
B. It is faulty because it does not supply the http-method tag Incorrect
C. Only members of the manager role will be able to access the resource Incorrect
D. Any user will be able to access the resource Correct
E. No users will be able to access the resource

Answer: D

I think it shall be E , I tested it and it was coming as E only. Can anyone explain?
 
Frits Walraven
Creator of Enthuware JWS+ V6
Saloon Keeper
Pie
Posts: 2342
90
Android Chrome Eclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Parth,

You are correct: when more than one constraint is set for the same resource: the no-value authority is overriding.

Regards,
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok..

Don't you think there shall be an error as well because of wrong placement of
<role-name>manager</role-name>

<auth-constraint>
</auth-constraint>
<role-name>manager</role-name>
</security-constraint>


and because

<web-resource-name>Sensitive</web-resource-name>


is same in both the constraints?
 
Frits Walraven
Creator of Enthuware JWS+ V6
Saloon Keeper
Pie
Posts: 2342
90
Android Chrome Eclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Don't you think there shall be an error as well because of wrong placement of
<role-name>manager</role-name>

Yes, that won't work.....
<web-resource-name> is same in both the constraints?

This might work.... but it should not have the same name, you are right

Regards,
Frits
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic