This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of The Little Book of Impediments (e-book only) and have Tom Perry on-line!
See this thread for details.
Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security question

 
Bhupendra Khabrani
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
while doing a Jpilot's mock test I had a question with folwing options but wasn't able to understand ..option 1 was correct

which is true?

1.the security model doesn't apply when a servlet uses a requestDispatcher to include or forward a
resource
2.the security model doesn't apply when a servlet uses a requestDispatcher to include a resource but it applies when it uses forward
3.the security model applies when a servlet uses a requestDispatcher to include or forward a resource
4.the security model doesn't apply when a servlet uses a requestDispatcher to include or include a static resource

please help!!
 
Garlapati Ravi
Ranch Hand
Posts: 171
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I came across the same question in one of the mocks, on my understand, in <security-role-constaint> if we specify any URL in <url-pattern> under specific <role-name>manager<role-name>, in this case only manager can access that URL, no one else can access it directly.

If any one trying to access it directly then constraint may restrict of doing so, else try to access indirectly (forward or include), this constaint will not comes into picture.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic