Hi,
I have doubt on the below question. Can any body help me in this.
Your web application has a valid deployment descriptor in which student and sensei are the only security roles that have been defined. The deployment descriptor contains two security constraints that declare the same resource to be constrained. The first security constraint contains:
234. <auth-constraint>
235. <role-name>student</role-name>
236. </auth-constraint>
And the second security constraint contains:
251. <auth-constraint/>
Which are true? (Choose all that apply.)
A. As the deployment descriptor stands now, the constrained resource can be accessed by both roles.
B. As the deployment descriptor stands now, the constrained resource can be accessed only by sensei users.
C. As the deployment descriptor stands now, the constrained resource can be accessed only by student users.
D. If the second <auth-constraint> tag is removed, the constrained resource can be accessed by both roles.
E. If the second <auth-constraint> tag is removed, the constrained resource can be accessed only by sensei users.
F. If the second <auth-constraint> tag is removed, the constrained resource can be accessed only by student users.
The answer given is D. But I think it should be F.
