Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

HF Chapter 12 Mock exam questions .Pls help

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
I have some doubts in Web security chapter moch questions(Page 664)
1. Question 6 Which security mechanism can be implemened by using HttpServletRequest?
Book Answer A.authorization and C. Authentication
I am not able to understand how authentication can be implemented prog. by calling getRemoteUser.API says Returns the remote user if authenticated.
That means authentication is implemented through DD, before we call these methods.If so answer is just Authrization.pls help me understand what is corect

2. Question 9. Whcih authentication mechanism is recommended if only cookies or SSL Sesstion tracking is in place?
Book Answer Form based (reason Form based login session tracking can be difficult to implement, therefore a separate session tracking mechanish is recommened)
Why HTTP BASIC can not be used? Is SSL session tracking different from HTTPSession tracking? is HttpSessionTracking enough for FORM authorization?


Please help ASAP. I will be writing test in few days.

Thanks
Sharika
 
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1) To authenticate a user thru a servlet, get username and password from a form and verify them against a database...
 
Bhumika Thakkar
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
2) In FORM base, we don't encode the url, therefore if cookies are disabled then we can't track a session. That's how I understood it.
reply
    Bookmark Topic Watch Topic
  • New Topic