• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

auth-constraint doubt

 
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Given a deployment descriptor with three valid <security-constraint> elements, all constraining web resource AX, whose respective <auth-constraint> sub-elements are:



<auth-constraint>*</auth-constraint>
<auth-constraint>Bob</auth-constraint>
<auth-constraint>Alice</auth-constraint>


Who can access resource AX?

A.no one
B.all
C.only bob
D.only alice
E.bob and alice

Source :SAI

the given answer is B

But I think there will be an error because there is not role-name element within the auth-constraint element.
Right?
 
Creator of Enthuware JWS+ V6
Posts: 3411
320
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

But I think there will be an error because there is not role-name element within the auth-constraint element.
Right?


Yes, you must have a <role-name> around the role's

Regards,
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok thanks ..

but when we test it in tomcat it does not show error in DD during server startup
instead it says

Acces to resource is denied



where can I see that error has been raised?
 
Frits Walraven
Creator of Enthuware JWS+ V6
Posts: 3411
320
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

where can I see that error has been raised?


There is no error: as you haven't got the <role-name> element inside a <auth-constraint> element, the server takes this as an empty <auth-constraint />, meaning: no one is allowed

It seems Tomcat doesn't mind having text inside the body of the <auth-constraint> element.....

Regards
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Got it
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic