• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Enthuware question doubt

 
NishaP Raj
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HI,
I feel the answer of the following question is not correct. Can anyone explain?
Consider the web.xml snippet.

<web-app>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/servlet/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
...
</web-app>


In which of the following cases will the user be prompted for username/password?

Options:-
a.When the user clicks on a hyperlink displayed by <a href="/servlet/TestServlet">Test</a>
b. When the user clicks on the submit button of a form defined as: <form action="/servlet/TestServlet" method="POST">
c.For both option 1 and option 2.
d.For neither of option 1 or option 2.

Correct answer is c.
According to me,d. is the correct one since no http-methods are mentioned, no role will have access to any of the given url-pattern. Please explain...
 
Dee Brown
Ranch Hand
Posts: 94
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If no methods are specified, all are constrained. So the correct answer is C. As an FYI, if any methods are specified, those not specified are not constrained. However, since those not specified are so because they (normally) are also not implemented, this does not present a problem/
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic