Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

HFEJB Final Mock Exam Question (P.664)

 
Brenda Kwok
Ranch Hand
Posts: 38
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't understand why the answer is A and B

Q18.
What's true about the client's view of security?
A. A transactional client cannot change its principal association within a transaction.

B. A session bean's client cannot change its principal asociation for the duration of the communication with the session object.

C. Transactional requests within a single transation cannot arrive from multiple clients.

D. None of the above.


Can anyone explain under what situation the principal association can be changed?
 
Gemini Moses
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have the same question. Can someone help me please.

Thanks,
Gemini
 
Chengwei Lee
Ranch Hand
Posts: 884
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

A. A transactional client cannot change its principal association within a transaction.


A client may invoke a few methods that formed a single transaction. And these business methods could have declared method permissions. So the client should not be allowed to change its security context during the transaction. If it is allowed to do so, not all methods in the transaction may be allowed to be invoked.


B. A session bean's client cannot change its principal asociation for the duration of the communication with the session object.


I guess this solution is refering to stateful session beans. During the session, a client's security context is propagated to the bean & this shouldn't be changed. Take the shopping cart example, the stateful session bean shopping cart is meant for John but along the way John changes to Mary, this shouldn't be allowed (unless Mary wishes to pay for John? Or they're identical...).

HTH.
 
Gemini Moses
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Chengwei for answering all my questions!!

THis forum rocks!

Gemini
 
Chengwei Lee
Ranch Hand
Posts: 884
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No problem. We're all here to learn from one another.
 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have got some confuse, for the tag:


A. A transactional client cannot change its principal association within a transaction


If the client IS NOT in a transaction, then, can it change the principal association ? If yes, how can he change ?

Thanks
 
Paul Codillo
Ranch Hand
Posts: 38
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Vince Hon:
I have got some confuse, for the tag:
If the client IS NOT in a transaction, then, can it change the principal association ? If yes, how can he change ?
Thanks

For stateful session beans, a client is tied to the particular bean for the entire bean's lifetime. Unless the bean "dies" (removed), the client will always be tied to that bean. Regardless of transactional state, it is not posible to change principal association at runtime.
For stateless session beans, there is no concept of clients, so the concept of principals doesn't make any sense. Besides, stateless session beans do not know its client in the first place.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic