Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within OCPJWCD Search Coderanch
Advance search Google search
Register / Login
permaculture playing cards
Win a copy of Eclipse Collections Categorically: Level up your programming game this week in the Open Source Projects forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
meaningless drivel book review grid advertise on coderanch building better world book thread boost
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Ron McLeod
  • Jeanne Boyarsky
Sheriffs:
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

HF Page 664 Q6 Answers

 
Sandeep Krish
Ranch Hand
Posts: 59
posted 17 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
The question is "which security mechanism can be implemented by using a method in the HttpServletRequest interface"
ANS GIVEN:
A Authorization
B Data integrity
B Authentication
D Confidentiality
ANSWERS: A and C - Reason given - HttpServletRequest.getRemoteUser() can be used for authentication and isUserInRole() can be used to authorize.

I would say the answers B and D is also correct as there is a method isSecure() inherited from ServletRequest which can be used to ensure the data integrity and confidentiality (provided that they are managed by SSL).

Any inputs?
 
Marc Peabody
pie sneak
Posts: 4727
I like...
Mac VI Editor Ruby
posted 17 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Very interesting point.

You might be able to verify that data integrity and confidentiality are implemented using isSecure(), but isSecure() can not be used to implement either. The typical way to implement these is through declaration in the web.xml which will require that HTTPS (HTTP over SSL) be used to secure the connection.

A good workman is known by his tools.

 
Sandeep Krish
Ranch Hand
Posts: 59
posted 17 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
I agree with that point. Thank you Marc.
 
For my next trick, I'll need the help of a tiny ad ...
Clean our rivers and oceans from home
https://www.kickstarter.com/projects/paulwheaton/willow-feeders
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...