• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Junilu Lacar
Sheriffs:
  • Tim Cooke
  • Jeanne Boyarsky
  • Knute Snortum
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • salvin francis
  • fred rosenberger
  • Frits Walraven

Head first book mock exam doubt

 
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have head first servlet & jsp 2nd edition book.

In the final mock exam question no 30. is

In DD we have 2 security roles defined : student and sebsei.
There are 2 security constraint elements that declare same resource to be constrained.

First security constraint is:

<aurth-constraint>
<role-name> student <role-name>
</aurth-constraint>

Second security constraint has:
<aurth-constraint/>

The answer given in book is option D that says:

If second <aurth-constraint> element is removed, the constrained resource can be accessed by both the roles.

But I think the answer should be option F that says:

If second <aurth-constraint> element is removed, the constrained resource can be accessed by only student role.


Please let me know.
 
Ranch Hand
Posts: 171
Flex Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Errata
 
Amru Jahagirdar
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Bindu...
 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
is it me or are the exams from the head first book more difficult than others and those on the exam?
 
Sheriff
Posts: 9671
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Thomas Van Driessche wrote:is it me or are the exams from the head first book more difficult than others and those on the exam?



No its not you, the questions on the Head First book are tougher than the real exam...
 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I don't understand this yet. If we have the following part of the DD


And we remove the second <auth-constraint/>, the above DD part is equal to the following

(see page 669 2nd Edition) which means, everbody can make a request for the constraint resource. Or am I wrong?

Kind Regards,
Pete
 
Ankit Garg
Sheriff
Posts: 9671
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes you are right. If there's no auth-constraint element for a security constraint element, then every user can access that resource...
 
Pete Pommelich
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So, answer D

If second <aurth-constraint> element is removed, the constrained resource can be accessed by both the roles.

is still correct, isn't it?
 
It's weird that we cook bacon and bake cookies. Eat this tiny ad:
Two software engineers solve most of the world's problems in one K&R sized book
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic