I ran across a question in a practice
test: "How can you make sure that the container tracks sessions for you web application using SSL?"
With the correct answer as:
Add the following to the web.xml:
session-config>
<tracking-mode>SSL</tracking-mode>
</session-config>
However, another of the responses could have been:
Add the following to the web.xml:
<session-config>
<cookie-config><secure>true</secure></cookie-config>
<tracking-mode>cookie</tracking-mode>
</session-config>
I'm not sure why the second one is wrong. Any ideas?
OCP Java SE 6 Programmer | OCM Java SE 6 Developer | OCE Web Components (OCEWD) | OCE JPA 6 (OCEJPAD) | OCE EJB 6 (OCEBCD) | OCE Web Services (OCEWSD) | OCM Java 6 Enterprise Architect(OCMEA)
MySQL Certified Administrator & Developer,
OMG Certified UML Prof. Fund., Int., Adv.