• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Mock exam Q

 
Tridib Samanta
Ranch Hand
Posts: 128
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I found this question in j2eecertificate.com.

Which of the following statements regarding the authentication method CLIENT-CERT are true? [Check all correct answers]

1. Supported by all application servers as it is mandated by the servlet specification.

2. Authentication is performed when the SSL connection is established.

3. All the commonly used browsers support it.

4. All the data between the client and server is encrypted.

5. Requires a digital certificate which has been issued from a recognised certification authority.


The explanation in the site says, option 1 is incorrect. But i think option 1 is correct, because the servlet spec says (page 95)
Servlet containers that are not J2EE technology
compliant are not required to support the HTTPS protocol.


Is it possible to have a container which is not j2ee technology comliant?

Guys, what is your opinion on this?
[ March 26, 2007: Message edited by: Tridib Samanta ]
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The exam is only concerned with rules of J2EE compliance as it is defined in the specs.

The quote you gave from the Servlet spec is a strange one. It basically says: "If you don't follow our rules, you don't have to follow our rules." Well, duh, guys! :roll:

I have to agree with the mock exam on this one.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic