Hi,
Which two pieces of information are needed when declaring the web resource collection in the
deployment descriptor? (Choose two.)
A. the URL
pattern that requires authorization
B. the HTTP methods that require authorization
C. the users allowed access to the web resource
D. the
J2EE roles allowed access to the web resource
E. the authentication mechanism required by the web resource.
I thought the answer is A .but 2 options are given as correct.please help me.