Win a copy of Java Mock Exams (software) this week in the Programmer Certification (OCPJP) forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Security Question

 
deepa raj
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"You can make transmitted data confidential only after your application has verified the user�s password."

the above statement is true or false?
 
Anand Bhatt
Ranch Hand
Posts: 189
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"You can make transmitted data confidential only after your application has verified the user�s password."

False.
As container first check the value for <transpost-guarantee> tag in web.xml .Only after any type of Authentication/Autorization.
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using authentication and using HTTPS are independent of one another. It's perfectly fine to use HTTPS for communicating to an unauthenticated user.
 
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!