• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

SCWCD question

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all...
I've a question from SCWCD exam on servlets...

Given:
3. class MyServlet extends HttpServlet {
4. public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
5. // servlet code here ...
26. }
27. }
If the DD contains a single security constraint associated with MyServlet and its only <http-method> tags
and <auth-constraint> tags are:
<http-method>GET</http-method>
<http-method>PUT</http-method>
<auth-constraint>Admin</auth-constraint>
Which four requests would be allowed by the container? (Choose four.)
A. A user whose role is Admin can perform a PUT.
B. A user whose role is Admin can perform a GET.
C. A user whose role is Admin can perform a POST.
D. A user whose role is Member can perform a PUT.
E. A user whose role is Member can perform a POST.
F. A user whose role is Member can perform a GET.


and the answer for this is A,B,C,E....

can any one please explain how come the given answers are correct cos according to my knowledge only A,B are correct...
 
Ranch Hand
Posts: 277
Oracle Spring Flex
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
GET and POST can be done only by user with role ADMIN.

All other roles can perform anything other than GET and PUT on this resource
 
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ashwin is right!
Only GET and POST are constrained, so these two http methods can be used only by users possessing Admin role.
All other methods are not constrained - so any user can make requests with these methods: Admin, Member etc.

Answers C. and E. - POST is not a constrained method - everybody is allowed to make POST requests
Regards
 
Stoian Azarov
Ranch Hand
Posts: 113
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have just found the page in Head First S & JSP where this topic is explained in details: page 666
 
Ranch Hand
Posts: 78
Eclipse IDE Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Shilpa,

The Answers A,B,C,E are the correct ones,

Because the constraint rule says, only the Admin Can do Get and Put on the resource, But it is not restricting the Admin by doing Post,
Also the constraint is not at all restricting a Member from Doing Post on the Resource,
 
Life just hasn't been the same since the volcano erupted and now the air is full of tiny ads.
ScroogeXHTML 9.0 - RTF to HTML5 and XHTML converter
https://coderanch.com/t/731949/ScroogeXHTML-RTF-HTML-XHTML-converter
    Bookmark Topic Watch Topic
  • New Topic