• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

auth constraint

 
Ranch Hand
Posts: 856
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Consider the following web.xml snippet:

<security-constraint>
<web-resource-collection>
<web-resource-name>wholesale</web-resource-name>
<url-pattern>/acme/wholesale/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>

<auth-constraint>
<role-name>SALES</role-name>
</auth-constraint>

</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>wholesale</web-resource-name>
<url-pattern>/acme/wholesale/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>

<<<< INSERT AUTH CONSTRAINT HERE >>>>
</security-constraint>

Insert an auth-constraint in the above code so that a user in role of SALES or MKTING can access the specified web resource collection.


select 2 option's

1) <auth-constraint>
<role-name>MKTING</role-name>
</auth-constraint>

2) <auth-constraint>
<role-name>ANY</role-name>
</auth-constraint>

3) <auth-constraint>
<role-name>*</role-name>
</auth-constraint>

4) <auth-constraint>
<role-name>SALES, MKTING</role-name>
</auth-constraint>

5) <auth-constraint>
<role-name>ALL</role-name>
</auth-constraint>

6) <auth-constraint></auth-constraint>

This is from Enthuware.

The correct answer given is 1 and 3.

But according to me the correct answer should be 1 and 4.

How come answer 3 is correct as this will allow every role to access the specified web resource collection. But question hat a user in role of SALES or MKTING can access the specified web resource collection.

Please advice.
 
Ranch Hand
Posts: 140
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
#4 is wrong as you cannot put two names in one <role-name> tag.

#3 is correct as it will allow all roles to access the constraint, including roles SALES and MKTING.

Note the question it did not say "only" SALES and MKTNG, it says how you could make this two roles access the constratint so applying *(all) gives SALES and MKTING access, so #4 is correct.

 
Amandeep Singh
Ranch Hand
Posts: 856
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Kurt, i thought this based upon the tomcat-users.xml file, where in roles we can put more than 1 role.

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="admin" password="" roles="admin,manager"/>
<user username="rocky" password="rocky" roles="manager"/>
</tomcat-users>
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic