• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

HF Chapter 12 Mock exam questions .Pls help

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
I have some doubts in Web security chapter moch questions(Page 664)
1. Question 6 Which security mechanism can be implemened by using HttpServletRequest?
Book Answer A.authorization and C. Authentication
I am not able to understand how authentication can be implemented prog. by calling getRemoteUser.API says Returns the remote user if authenticated.
That means authentication is implemented through DD, before we call these methods.If so answer is just Authrization.pls help me understand what is corect

2. Question 9. Whcih authentication mechanism is recommended if only cookies or SSL Sesstion tracking is in place?
Book Answer Form based (reason Form based login session tracking can be difficult to implement, therefore a separate session tracking mechanish is recommened)
Why HTTP BASIC can not be used? Is SSL session tracking different from HTTPSession tracking? is HttpSessionTracking enough for FORM authorization?


Please help ASAP. I will be writing test in few days.

Thanks
Sharika
 
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1) To authenticate a user thru a servlet, get username and password from a form and verify them against a database...
 
Bhumika Thakkar
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
2) In FORM base, we don't encode the url, therefore if cookies are disabled then we can't track a session. That's how I understood it.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic