• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

doubt in security role ref

 
V Gala
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Problem

Consider the following web.xml code snippet:


<servlet>
<servlet-name>BankServlet</servlet-name>
<servlet-class>com.abc.bankapp.BankServlet</servlet-class>
<security-role-ref>
<role-name>manager</role-name>
<role-link>supervisor</role-link>
</security-role-ref>
</servlet>


Which of the following statements are correct?


Options

Select 1 correct option.

1 The servlet code should use "manager" as a parameter in request.isUserInRole() method.


2 The servlet code can use "manager" or "supervisor" as a parameter in request.isUserInRole() method.


3 The servlet code should use"supervisor" as a parameter in request.isUserInRole() method.


4 The role of "manager" must be defined in the servlet container.
"supervisor" must be defined in the container. For example, in conf/tomcat-users.xml for Tomcat.

5 None of these.



which one is correct
1 or 2
Answer given is 1
jdiscuss

why option 2 is wrong

thanks in advance
 
Ashok Kumar Babu
Ranch Hand
Posts: 129
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Option two is not correct.




Must have a corresponding mapping in <security-constraint> as follows.



For declarative programming in Servlet you have to use <role-name> value in <Servlet> tag.
 
V Gala
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
if i have this code in web.xml
then option 2 is correct?
<auth-constraint>
<role-name>supervisor</role-name>
</auth-constraint>
 
Ashok Kumar Babu
Ranch Hand
Posts: 129
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
if i have this code in web.xml
then option 2 is correct?


No.

For declarative programming security in Servlet you have to use <role-name> in <Servlet> tag.
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please Quote Your Sources.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic