多项选择题
Given the security constraint in a DD:
101.<security-constraint>
102.<web-resource-collection>
103.<web-resource-name>Foo</web-resource-name>
104.<url-pattern>/Bar/Baz/*</url-pattern>
105.<http-method>POST</http-method>
106.</web-resource-collection>
107.<auth-constraint>
108.<role-name>DEVELOPER</role-name>
109.</auth-constraint>
110.</security-constraint>
And given that "MANAGER" is a valid role-name,which four are true for this security constraint?()
A.MANAGER can do a GET on resources in the /Bar/Baz directory.
B.MANAGER can do a POST on any resource in the /Bar/Baz directory.
C.MANAGER can do a TRACE on any resource in the /Bar/Baz directory.
D.DEVELOPER can do a GET on resources in the /Bar/Baz directory.
E.DEVELOPER can do only a POST on resources in the /Bar/Baz directory.
F.DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory.
相关考题
-
单项选择题
Given this fragment in a servlet: 23.if(req.isUserInRole("Admin")) { 24.// do stuff 25.} And the following fragment from the related Java EE deployment descriptor: 812.<security-role-ref> 813.<role-name>Admin</role-name> 814.<role-link>Administrator</role-link> 815.</security-role-ref> 900.<security-role> 901.<role-name>Admin</role-name> 902.<role-name>Administrator</role-name> 903.</security-role> What is the result?()
A.Line 24 can never be reached.
B.The deployment descriptor is NOT valid.
C.If line 24 executes, the user’s role will be Admin.
D.If line 24 executes, the user’s role will be Administrator.
E.If line 24 executes the user’s role will NOT be predictable. -
多项选择题
If you want to use the Java EE platform’s built-in type of authentication that uses a custom HTML page for authentication. Which two statements are true?()
A.Your deployment descriptor will need to contain this tag: CUSTOM.
B.The related custom HTML login page must be named loginPage.html.
C.When you use this type of authentication, SSL is turned on automatically.
D.You must have a tag in your deployment descriptor that allows you to point to both a login HTML pageand an HTML page for handling any login errors.
E.In the HTML related to authentication for this application, you must use predefined variable names fort he variables that store the user and password values. -
多项选择题
Given: 3.class MyServlet extends HttpServlet { 4.public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException { 5.// servlet code here ... 26.} 27.} If the DD contains a single security constraint associated with MyServlet and its only <http method> tagsand <auth-constraint> tags are:<http-method>GET</http-method><http-method>PUT</http-method> <auth-constraint>Admin</auth-constraint> Which four requests would be allowed by the container?()
A.A user whose role is Admin can perform a PUT.
B.A user whose role is Admin can perform a GET.
C.A user whose role is Admin can perform a POST.
D.A user whose role is Member can perform a PUT.
E.A user whose role is Member can perform a POST.
F.A user whose role is Member can perform a GET.
