hover cheng

Ranch Hand
+ Follow
since Feb 11, 2003
Merit badge: grant badges
For More
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by hover cheng

Just sent an email to apply for the voucher.
Thanks Javaranch. I've got a lot of help from Javaranch with my certification road: SCJP, SCJD, SCBCD and SCWCD. I've seen a lot of guys as me to discuss questions, to share experience, to help each other, and to celerbrate our achievement!
Although my present job does not focus on Java, but we're planing to leverage Java more and more in the near future.
Here is another month of hard studying ahead for SCDJWS, but I enjoy it.
Recieved the letter from prometric today:
86%, passed.
Hi, guys
Just read the following:
Testing Center Id: bcl07
Exam Series #: 310-081
Exam Name: (310-081) Sun Certified Web Component Developer for J2EE 1.4
Exam Date: 21/01/04
Grade: Passed
The only thing I know is I have passed, but I don't know the score. By the way, when will I recieve the certificate kit?

I remember those as:
? : does it exist? (yes or no)
+ : positive number (should be greater than 0)
* : no matter how many
XML view is NOT included. But to be sure, JSP document is included( there are half a dozen questions on jsp document for me )
For me, it's 300 minutes indeed.
Yeap, the pattern questions are not as simple as I expected. But for me, it's ok.
The weakness for me is the EL and JSTL. They are unexpected complex and tricky. Frankly, I didn't use them before, except coded some example while studying. But, be prepared questions on these syntax details, and a lot of code for you to read.
I guess the examiners have put almost all thier time on the "new part" of Sevelet2.4 and JSP2.0 and JSTL1.1. So, the questions on "new part" are much more difficult than the "tranditional part".

Originally posted by Mathew Manoj:
Here is some need to Know information which i got jolted
The exam is 4 hrs not 5 hrs 15 mts as initially stated.
It has 163 questions.
It has multiple choice,single choice , drag drop.

I totally agree with you, Mathew. except the testing time. I came into the place at 11:45am and came out at 4:45pm. So, it's 5 hours actually.

Originally posted by Ko Ko Naing:

Are the questions covered by old exam objectives from Servlet portion? Is there anything new in Servlet part of the exam?

I am not quitely sure of the old exam objectives. But equiped with:
1. The event listener on ServeletContext, HttpSession. For me myself, there is no question on event listener of Request, but there are several on HttpSessionBindingListener.
2. The "property-group" is also tested, watch out the EL and scriptlet definition in DD.
3. There are about 5 questions of DD on web Secutity.
I can give you tips like these now, based on my remember...

Originally posted by Ali Ragi:
Thank you, Happy Chinese New Year!

Thanks for your bless, buddy!
As mentioned before, I took the test before. Generally, I feel it is difficult, especially for the first 100 questions. It totally has 163 questions, 5 hours. I use 4 hrs and 15 minutes to finish it.
12 questions on design patterns; a lot of tricky questions on EL and customer tags; a lot of questions you need read code; several tricky questions on jstl; 70-80 tranditional questions -- questions covered by old exam, which is relatively easier.
I'll give you guys more tips, but not today -- today is chinese new year!

Originally posted by Yi Meng:

I suppose from DD's point of view, there is no way to distinguish them, right?

I guess there is still a narrow way from TLD:
if the <body-content> element has a JSP value, and it is still valid, then it's a classic one, because "JSP" is not a valid body-content value for Simple handler.

Originally posted by Vijay S Rathore:
As per the definition mentioned in SG246573 (IBM Redbook)
IBM WebSphere V5.0 Security
A realm is a collection of users that are controlled by the same authentication policy.
So, if I say a realm is sales, it means any user defined for roles in tomcat-users.xml.
<user username="vijay" password="yajiv" roles="sales,administrator"/>
<user username="manish" password="manish" roles="sales"/>
<user username="john" password="jjj" roles="sales"/>
Here 'vijay' belongs to realms 'sales and administrator', whereas 'manish' belongs to 'sales' only.

I can not agree with you on this point. Obviously, the "role" is by far different from "realm". On exmple you given, 'vijay', 'manish' are belong to different roles, but we can not decide whether they are belong to one or multiple realms only based on this.
The "realm-name" in web.xml and the actual authenticate realm are very confusing, as Servlet-2.4-fr_spec says,

SRV.12.5.1 HTTP Basic Authentication
HTTP Basic Authentication, which is ..... As part of the request, the web server passes the realm (a string) in which the user is to be authenticated. The realm string of Basic Authentication does not have to reflect any particular security policy (Authentication domain confusingly also referred to as a realm) ....

So, the "realm-name" in web.xml is only a "string" sent to client's browser and displayed to client as a "tip", while using BASIC auth-method. It is not sent to client using FORM auth-method, and it has no effect on how the web server authenticate users.
To clearify, we have "two realms" here, one is a "string" realm-name as above, the other is the "auth realm", which is used by web server as means to authenticate users.
I think for Tomcat, it defines its auth realm in conf/server.xml rather than conf/tomcat-users.xml. In contrast, all the users and roles defined in tomcat-users.xml belong to one auth realm -- MemoryRealm.
We can find the following elements defined in server.xml regarding other auth realms:

Correct me if I am wrong. I also in the beginning phase getting myself dirty on the security issues
Anybody has taken the exam today? Could you be so kind to post your feelings and tips?
Sorry to bother... I just want to make sure that jstl sql tags are NOT one of the scwcd beta objectives, am i right?