• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Doubt regarding unchecked element of security

 
Srini Madala
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you want to allow several methods being called by anyone, Can you define these methods within an unchecked element? I thought you can specify unchecked element instead of rolename for a method, not for a list of methods.

The mock exam question 2 on page 593 chose this option:

***************************************************************************
What's true about methods that should run without being checked for authorization?

A) They can be listed in the <exclude-list> element
B) They can be listed in the <unchecked> element
C) When the <unchecked> element is used, it should be placed where the <role-name> element normally occurs in the deployment descriptor
D) When a method permission relation specifies both <unchecked> and a security role, the container will use the security role.
***************************************************************************
I thought the answe is only C, but the book checked B and C.

How can you specify a list of methods in an unchecked element? Different classes can have the same method name?
 
Keerthi P
Ranch Hand
Posts: 203
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are right. It appears the question is not properly formed. Real exam questions are much more sensible than this. So don't worry.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic