多項選擇題

Given the security constraint in a DD:
101.<security-constraint>
102.<web-resource-collection>
103.<web-resource-name>Foo</web-resource-name>
104.<url-pattern>/Bar/Baz/*</url-pattern>
105.<http-method>POST</http-method>
106.</web-resource-collection>
107.<auth-constraint>
108.<role-name>DEVELOPER</role-name>
109.</auth-constraint>
110.</security-constraint>
And given that "MANAGER" is a valid role-name,which four are true for this security constraint?()

A.MANAGER can do a GET on resources in the /Bar/Baz directory.
B.MANAGER can do a POST on any resource in the /Bar/Baz directory.
C.MANAGER can do a TRACE on any resource in the /Bar/Baz directory.
D.DEVELOPER can do a GET on resources in the /Bar/Baz directory.
E.DEVELOPER can do only a POST on resources in the /Bar/Baz directory.
F.DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory.


您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題

Given this fragment in a servlet:
23.if(req.isUserInRole("Admin")) {
24.// do stuff
25.}
And the following fragment from the related Java EE deployment descriptor:
812.<security-role-ref>
813.<role-name>Admin</role-name>
814.<role-link>Administrator</role-link>
815.</security-role-ref>
900.<security-role>
901.<role-name>Admin</role-name>
902.<role-name>Administrator</role-name>
903.</security-role>
What is the result?()

A.Line 24 can never be reached.
B.The deployment descriptor is NOT valid.
C.If line 24 executes, the user’s role will be Admin.
D.If line 24 executes, the user’s role will be Administrator.
E.If line 24 executes the user’s role will NOT be predictable.

2.多項選擇題

If you want to use the Java EE platform’s built-in type of authentication that uses a custom HTML page for authentication.
Which two statements are true?()

A.Your deployment descriptor will need to contain this tag: CUSTOM.
B.The related custom HTML login page must be named loginPage.html.
C.When you use this type of authentication, SSL is turned on automatically.
D.You must have a tag in your deployment descriptor that allows you to point to both a login HTML pageand an HTML page for handling any login errors.
E.In the HTML related to authentication for this application, you must use predefined variable names fort he variables that store the user and password values.

3.多項選擇題

Given:
3.class MyServlet extends HttpServlet {
4.public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException {
5.// servlet code here ...
26.}
27.}
If the DD contains a single security constraint associated with MyServlet and its only <http method> tagsand <auth-constraint> tags are:<http-method>GET</http-method><http-method>PUT</http-method>
<auth-constraint>Admin</auth-constraint>
Which four requests would be allowed by the container?()

A.A user whose role is Admin can perform a PUT.
B.A user whose role is Admin can perform a GET.
C.A user whose role is Admin can perform a POST.
D.A user whose role is Member can perform a PUT.
E.A user whose role is Member can perform a POST.
F.A user whose role is Member can perform a GET.

4.單項選擇題

A developer has used this code within a servlet:
62.if(request.isUserInRole("vip")) {
63.// VIP-related logic here
64.}
What else must the developer do to ensure that the intended security goal is achieved?()

A.Create a user called vip in the security realm
B.Define a group within the security realm and call it vip
C.Define a security-role named vip in the deployment descriptor
D.Declare a security-role-ref for vip in the deployment descripto

5.多項選擇題Which two JSTL URL-related tags perform URL rewriting?()

A.Url
B.Link
C.Param
D.Import
E.Redirect

最新試題

Click the ’Select and Place’ button.Place the events in the order they occur.

題型:問答題

All of your JSPs need to have a link that permits users to email the web master. This web application islicensed to many small businesses, each of which have a different email address for the web master. Youhave decided to use a context parameter that you specify in the deployment descriptor, like this:42.<context-param>43.<param-name>webmasterEmail</param-name>44.<param-value>master@example.com</param-value>45.</context-param>Which JSP code snippet creates this email link?()

題型:單項選擇題

Click the 'Select and Place' button.Place the events in the order they occur.

題型:問答題

Your company has a corporate policy that prohibits storing a customer’s credit card number in anycorporate database. However, users have complained that they do NOT want to re- enter their credit cardnumber for each transaction. Your management has decided to use client-side cookies to record the user’scredit card number for 120 days. Furthermore, they also want to protect this information during transit fromthe web browser to the web container; so the cookie must only be transmitted over HTTPS.Which codesnippet creates the "creditCard" cookie and adds it to the out going response to be stored on the user’s webbrowser?()

題型:單項選擇題

Given a Filter class definition with this method:21.public void doFilter(ServletRequest request,22.ServletResponse response,23.FilterChain chain)24.throws ServletException, IOException {25.// insert code here26.}Which should you insert at line 25 to properly invoke the next filter in the chain, or the target servlet if thereare no more filters?()

題型:單項選擇題

You need to create a JSP that generates some JavaScript code to populate an array of strings used on the client-side.Which JSP code snippet will create this array?()

題型:單項選擇題

A web browser need NOT always perform a complete request for a particular page that it suspects mightNOT have changed. The HTTP specification provides a mechanism for the browser to retrieve only a partialresponse from the web server; this response includes information, such as the Last-Modified date but NOTthe body of the page.Which HTTP method will the browser use to retrieve such a partial response?()

題型:單項選擇題

Which ensures that a JSP response is of type "text/plain"?()

題型:單項選擇題

Which is true about the web container request processing model?()

題型:單項選擇題

Click the ’Select and Place’ button.Place the events in the order they occur.

題型:問答題