• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

HFEJB Final Mock Exam Question (P.664)

 
Ranch Hand
Posts: 38
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't understand why the answer is A and B

Q18.
What's true about the client's view of security?
A. A transactional client cannot change its principal association within a transaction.

B. A session bean's client cannot change its principal asociation for the duration of the communication with the session object.

C. Transactional requests within a single transation cannot arrive from multiple clients.

D. None of the above.


Can anyone explain under what situation the principal association can be changed?
 
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have the same question. Can someone help me please.

Thanks,
Gemini
 
Ranch Hand
Posts: 884
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


A. A transactional client cannot change its principal association within a transaction.



A client may invoke a few methods that formed a single transaction. And these business methods could have declared method permissions. So the client should not be allowed to change its security context during the transaction. If it is allowed to do so, not all methods in the transaction may be allowed to be invoked.


B. A session bean's client cannot change its principal asociation for the duration of the communication with the session object.



I guess this solution is refering to stateful session beans. During the session, a client's security context is propagated to the bean & this shouldn't be changed. Take the shopping cart example, the stateful session bean shopping cart is meant for John but along the way John changes to Mary, this shouldn't be allowed (unless Mary wishes to pay for John? Or they're identical...).

HTH.
 
Gemini Moses
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Chengwei for answering all my questions!!

THis forum rocks!

Gemini
 
Chengwei Lee
Ranch Hand
Posts: 884
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
No problem. We're all here to learn from one another.
 
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have got some confuse, for the tag:


A. A transactional client cannot change its principal association within a transaction



If the client IS NOT in a transaction, then, can it change the principal association ? If yes, how can he change ?

Thanks
 
Ranch Hand
Posts: 38
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Vince Hon:
I have got some confuse, for the tag:
If the client IS NOT in a transaction, then, can it change the principal association ? If yes, how can he change ?
Thanks


For stateful session beans, a client is tied to the particular bean for the entire bean's lifetime. Unless the bean "dies" (removed), the client will always be tied to that bean. Regardless of transactional state, it is not posible to change principal association at runtime.
For stateless session beans, there is no concept of clients, so the concept of principals doesn't make any sense. Besides, stateless session beans do not know its client in the first place.
 
There were millions of the little blood suckers. But thanks to this tiny ad, I wasn't bitten once.
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic