多项选择题
Given the security constraint in a DD:
101.<security-constraint>
102.<web-resource-collection>
103.<web-resource-name>Foo</web-resource-name>
104.<url-pattern>/Bar/Baz/*</url-pattern>
105.<http-method>POST</http-method>
106.</web-resource-collection>
107.<auth-constraint>
108.<role-name>DEVELOPER</role-name>
109.</auth-constraint>
110.</security-constraint>
And given that "MANAGER" is a valid role-name,which four are true for this security constraint?()
A.MANAGER can do a GET on resources in the /Bar/Baz directory.
B.MANAGER can do a POST on any resource in the /Bar/Baz directory.
C.MANAGER can do a TRACE on any resource in the /Bar/Baz directory.
D.DEVELOPER can do a GET on resources in the /Bar/Baz directory.
E.DEVELOPER can do only a POST on resources in the /Bar/Baz directory.
F.DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory.
点击查看答案
相关考题
- 单项选择题 Given this fragment in a servlet: 23.if(req.isUserInRole("Admin")) { 24.// do stuff 25.} And the following fragment from the related Java EE deployment descriptor: 812.<security-role-ref> 813.<role-name>Admin</role-name> 814.<role-link>Administrator</role-link> 815.</security-role-ref> 900.<security-role> 901.<role-name>Admin</role-name> 902.<role-name>Administrator</role-name> 903.</security-role> What is the result?()
- 多项选择题 If you want to use the Java EE platform’s built-in type of authentication that uses a custom HTML page for authentication. Which two statements are true?()
- 多项选择题 Given: 3.class MyServlet extends HttpServlet { 4.public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException { 5.// servlet code here ... 26.} 27.} If the DD contains a single security constraint associated with MyServlet and its only <http method> tagsand <auth-constraint> tags are:<http-method>GET</http-method><http-method>PUT</http-method> <auth-constraint>Admin</auth-constraint> Which four requests would be allowed by the container?()
- 单项选择题 A developer has used this code within a servlet: 62.if(request.isUserInRole("vip")) { 63.// VIP-related logic here 64.} What else must the developer do to ensure that the intended security goal is achieved?()
- 多项选择题 WhichtwoJSTLURL-relatedtagsperformURLrewriting?()
- 单项选择题 Your management has required that all JSPs be created to generate XHTML-compliant content and tofacilitate that decision, you are required to create all JSPs using the JSP Document format. In the reviewOrder.jspx page, you need to use several core JSTL tags to process the collection of order items inthe customer’s shopping cart. Which JSP code snippets must you use in the reviewOrder.jspx page?()
- 单项选择题 You are creating a JSP page to display a collection of data. This data can be displayed in several differentways so the architect on your project decided to create a generic servlet that generates a comma-delimitedstring so that various pages can render the data in different ways. This servlet takes on request parameter:objectID. Assume that this servlet is mapped to the URL pattern:/WEB-INF/data. In the JSP you are creating, you need to split this string into its elements separated by commas andgenerate an HTML list from the data. Which JSTL code snippet will accomplish this goal?()
- 多项选择题 Assume the scoped attribute priority does NOT yet exist. Which two create and set a new request-scopedattribute priority to the value "medium"?()
- 单项选择题 WhichJSTLcodesnippetcanbeusedtoperformURLrewriting?()
- 单项选择题 Assume that a news tag library contains the tags lookup and item: lookup Retrieves the latest news headlines and executes the tag body once for each headline. Exposes a NESTED page scoped attributecalled headline of type com.example.Headline containing details for that headline. item Outputs the HTMLfor a single news headline. Accepts an attribute info of typecom.example.Headline containing details for theheadline to be rendered. Which snippet of JSP code returns the latest news headlines in an HTML table,one per row?()
- 单项选择题 One of the use cases in your web application uses many session-scoped attributes. At the end of the usecase, you want to clear out this set of attributes from the session object. Assume that this static variableholds this set of attribute names: 201.private static final Set<String> USE_CASE_ATTRS; 202.static { 203.USE_CASE_ATTRS.add("customerOID"); 204.USE_CASE_ATTRS.add("custMgrBean"); 205.USE_CASE_ATTRS.add("orderOID"); 206.USE_CASE_ATTRS.add("orderMgrBean"); 207.} Which code snippet deletes these attributes from the session object?()
- 单项选择题 Whichstatementistrueaboutwebcontainersessionmanagement?()
- 单项选择题 Your web application requires the adding and deleting of many session attributes during a complex usecase. A bug report has come in that indicates that an important session attribute is being deleted too soonand a NullPointerException is being thrown several interactions after the fact. You have decided to create asession event listener that will log when attributes are being deleted so you can track down when theattribute is erroneously being deleted. Which listener class will accomplish this debugging goal?()
- 多项选择题 You need to store a Java long primitive attribute, called customerOID, into the session scope. Which two code snippets allow you to insert this value into the session?()
- 单项选择题 Given the definition of MyServlet: 11.public class MyServlet extends HttpServlet { 12.public void service(HttpServletRequest request, 13.HttpServletResponse response) 14.throws ServletException, IOException { 15.HttpSession session = request.getSession(); 16.session.setAttribute("myAttribute","myAttributeValue"); 17.session.invalidate(); 18.response.getWriter().println("value=" + 19.session.getAttribute("myAttribute")); 20.} 21.} What is the result when a request is sent to MyServlet?()
- 多项选择题 A developer wants to make a name attribute available to all servlets associated with a particular user,across multiple requests from that user, from the same browser instance. Which two provide this capability from within a tag handler?()
- 单项选择题 Click the Exhibit button. The resource requested by the RequestDispatcher is available and implemented by the Destination Servlet. What is the result?()
- 多项选择题 You want to create a filter for your web application and your filter will implement javax.servlet.Filter. Which two statements are true?()
- 多项选择题 A developer wants a web application to be notified when the application is about to be shut down. Which two actions are necessary to accomplish this goal?()
- 单项选择题 Your web site has many user-customizable features, for example font and color preferences on web pages.Your IT department has already built a subsystem for user preferences using the Java SE platform’s lang.util.prefs package APIs, and you have been ordered to reuse this subsystem in your web application. Youneed to create an event listener that constructs the preferences factory and stores it in the applicationscope for later use. Furthermore, this factory requires that the URL to a database must be declared in thedeployment descriptor like this: 42. 43.prefsDbURL 44. 45.jdbc:pointbase:server://dbhost:4747/prefsDB 46. 47. Which partial listener class will accomplish this goal?()
