• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question 48 - Final mock exam HFSJ

 
Paul Statham
Ranch Hand
Posts: 56
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The question says


Your web application has a valid dd with a single <security-constraint> tag. Within this tag exists:

- a single url pattern that declares directory1
- a single http method that declares POST
- a single role name that declares GUEST

If all of the resources for your application exist within directory1 and directory2, and MEMBER is also a valid role, which are true? (Choose all that apply.)

A. GUESTs cannot do GET requests in directory1.
B. GUESTs can do GET requests in both directories.
C. GUESTs can do POST requests only in directory2.
D. MEMBERs can do GET requests in both directories.
E. GUESTs can do POST requests in both directories.
F. MEMBERs can do only POST requests in directory1.


The answers given are BDE, I think it should be BCD. This is because according to the above GUESTs are restricted from making POST requests to directory1, but not directory2.
 
Piyush Joshi
Ranch Hand
Posts: 207
Eclipse IDE Firefox Browser jQuery
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The security-constaint described in question declares that only GUESTs can do POST request in directory 1. It doesn't mean that GUESTs are restricted from making POST requests to directory 1, actually it means exact opposite! Any user except GUEST can not do Post request in directory 1.
For a quick review see page 665 of HF JSP & Servlets.
 
Don't get me started about those stupid light bulbs.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic