Hi everybody,
I got the following question in a mock exam.
1) Which are mandatory elements of taglib descriptor file
a)tlib-version
b)jsp-version
c)short-name
d)tag
Answer : all are mandatory.
What is jsp-version? Please clarify
2) This is from j2eecertificate.com
Given the following extract from a deployment descriptor, which of the following statements regarding authentication are true? [Check all correct answers]
<web-app> ....
<login-config>
<auth-method>DIGEST</auth-method>
</login-config>
...</web-app>
1 All data between the client and the server is encrypted.
2 This authentication method is supported by all the commonly used browsers.
3 An MD5 digest of the password is sent from the client to the server.
4 A web application using this method of authentication is not guaranteed to work on all application servers.
Answer: 3,4
but according to HFSJ pag 645, DIGEST authentication transmits the login information in a more secure way,but because the encryption mechanism isn't widely used ,
J2EE containers aren't required to support it.
Please clarify whether DIGEST authentication supports encryption or not.
Thanks ,
Jyothi