• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

auth-constraint doubt

 
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Given a deployment descriptor with three valid <security-constraint> elements, all constraining web resource AX, whose respective <auth-constraint> sub-elements are:



<auth-constraint>*</auth-constraint>
<auth-constraint>Bob</auth-constraint>
<auth-constraint>Alice</auth-constraint>


Who can access resource AX?

A.no one
B.all
C.only bob
D.only alice
E.bob and alice

Source :SAI

the given answer is B

But I think there will be an error because there is not role-name element within the auth-constraint element.
Right?
 
Creator of Enthuware JWS+ V6
Posts: 3398
312
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

But I think there will be an error because there is not role-name element within the auth-constraint element.
Right?


Yes, you must have a <role-name> around the role's

Regards,
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok thanks ..

but when we test it in tomcat it does not show error in DD during server startup
instead it says

Acces to resource is denied



where can I see that error has been raised?
 
Frits Walraven
Creator of Enthuware JWS+ V6
Posts: 3398
312
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

where can I see that error has been raised?


There is no error: as you haven't got the <role-name> element inside a <auth-constraint> element, the server takes this as an empty <auth-constraint />, meaning: no one is allowed

It seems Tomcat doesn't mind having text inside the body of the <auth-constraint> element.....

Regards
Frits
 
Parth Twari
Ranch Hand
Posts: 163
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Got it
 
We begin by testing your absorbancy by exposing you to this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic