Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

HF Chapter 12 Mock exam questions .Pls help

 
Sharika Raj
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I have some doubts in Web security chapter moch questions(Page 664)
1. Question 6 Which security mechanism can be implemened by using HttpServletRequest?
Book Answer A.authorization and C. Authentication
I am not able to understand how authentication can be implemented prog. by calling getRemoteUser.API says Returns the remote user if authenticated.
That means authentication is implemented through DD, before we call these methods.If so answer is just Authrization.pls help me understand what is corect

2. Question 9. Whcih authentication mechanism is recommended if only cookies or SSL Sesstion tracking is in place?
Book Answer Form based (reason Form based login session tracking can be difficult to implement, therefore a separate session tracking mechanish is recommened)
Why HTTP BASIC can not be used? Is SSL session tracking different from HTTPSession tracking? is HttpSessionTracking enough for FORM authorization?


Please help ASAP. I will be writing test in few days.

Thanks
Sharika
 
Bhumika Thakkar
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1) To authenticate a user thru a servlet, get username and password from a form and verify them against a database...
 
Bhumika Thakkar
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
2) In FORM base, we don't encode the url, therefore if cookies are disabled then we can't track a session. That's how I understood it.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic