• Post Reply Bookmark Topic Watch Topic
  • New Topic

Doubt with the tag <auth-constraint>

 
Ashish Gupta
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I came accross the follwoing question:

Given:
class MyServlet extends HttpServlet {
public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
// servlet code here ...
}
}
If the DD contains a single security constraint associated with MyServlet and its only <http-method> tags
and <auth-constraint> tags are:
<http-method>GET</http-method>
<http-method>PUT</http-method>
<auth-constraint>Admin</auth-constraint>

Which four requests would be allowed by the container? (Choose four.)
A. A user whose role is Admin can perform a PUT.
B. A user whose role is Admin can perform a GET.
C. A user whose role is Admin can perform a POST.
D. A user whose role is Member can perform a PUT.
E. A user whose role is Member can perform a POST.
F. A user whose role is Member can perform a GET.

Answer for this question is given as: A, B, C and E

But I feel the answer should be A, B and D, because the user "Admin" has been given privilege to do GET and PUT, while TRACE, HEAD and PUT are default allowed to every user, hence the other user "Member" can do PUT.

Please let me know, if my understanding of the concept is wrong. A quick answer would be highly appretiaed as I am going to write the exam on 20th july.

Thanks & Regards,
Ashish
 
Ashish Gupta
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Everyone,

Following forum post has clarified my doubt:
http://www.coderanch.com/t/432792/Web-Component-Certification-SCWCD/certification/about-constraints

Thanks & Regards,
Ashish
 
my overalls have superpowers - they repel people who think fashion is important. Tiny ad:
the new thread boost feature brings a LOT of attention to your favorite threads
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!