O'Reilly logo

Head First Servlets and JSP, 2nd Edition by Bert Bates, Bryan Basham, Kathy Sierra

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Coffee Cram: Chapter 12 Answers

  1. Which security mechanisms always operate independently of the transport layer? (Choose all that apply.)

    (servlet spec: chap 12 )

    A.

    authorization

    B.

    data integrity

    C.

    authentication

    D.

    confidentiality

    Note

    -Option A is correct. Authorization operates completely within the container once authentication has occurred. Authentication can affect the transport layer based on how the <auth-method> element is set.

  2. Given a deployment descriptor with three valid <security-constraint> elements, all constraining web resource A, whose respective <auth-constraint> sub-elements are:

    (servlet spec: 12.8.1)

    <auth-constraint>
        <role-name>Bob</role-name>
    </auth-constraint>
    <auth-constraint/>
    <auth-constraint>
        <role-name>Alice</role-name>
    </auth-constraint>

    Who can access resource A?

    A.

    no one

    B.

    anyone

    C.

    only Bob

    D.

    only Alice

    E.

    only Bob and Alice

    F.

    anyone but Bob or Alice

    Note

    -Option A is correct. The ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required