Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Authentication doubt

 
Ranch Hand
Posts: 90
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi,
I have found this question in MarcusGreen site.I have a doubt in this question,I have attached the question also..

<?xml version="1.0" encoding="UTF-8"?><web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Basic Authentication Example</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Welcome</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
</web-app>
Choose one answer.
a. requesting /index.jsp in the browser bar will cause the user to be prompted for a username and password
b. requesting /index.jsp in the browser bar will NOT cause the user to be prompted for a username and password
c. Only members of the tomcat role will be prompted for a username and password for the index.jsp resource
d. Only POST requests will be authenticated, all other requests will be refused


My answer is A, because while giving the request it will promot the Username and Password..Some where i red like whiole we mention these method in t config (BASIC ,CLIENT-CRT,DIGEST) it will pop up the Username and password window.

They said answer is B.Please any body clear this one..
 
Ranch Hand
Posts: 893
Tomcat Server Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Requesting for /index.jsp is a GET-Method and the Authentication is only done for a POST-Method.
 
naresh govindaswmay
Ranch Hand
Posts: 90
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Remko Strating:
Requesting for /index.jsp is a GET-Method and the Authentication is only done for a POST-Method.



hi,
Thanks alot Remko Strating.
 
Ranch Hand
Posts: 59
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use POST also to get the index.jsp. Assume that the request was a GET not POST
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
    Bookmark Topic Watch Topic
  • New Topic