找考题网-背景图
多项选择题

Whichtwoaretrueaboutauthentication?()……

Which two are true about authentication?()

A.Form-based logins should NOT be used with HTTPS.
B.When using Basic Authentication the target server is NOT authenticated.
C.J2EE compliant web containers are NOT required to support the HTTPS protocol.
D.Web containers are required to support unauthenticated access to unprotected web resources.

<上一题 目录 下一题>
热门试题

多项选择题Given the two security constraints in a deployment descriptor: 101.<security-constraint> 102.<!--a correct url-pattern and http-method goes here-->  103.<auth-constraint><role-name>SALES< role-name>< auth- . <auth-constraint> 104.<role-name>SALES< role-name> 105.< auth-constraint> 106.< security-constraint> 107.<security-constraint> 108.<!--a correct url-pattern and http-method goes here-->  109.<!-- Insert an auth-constraint here --> 110.< security-constraint> If the two security constraints have the same url-pattern and http-method which two inserted independentlyat line 109,will allow users with role names of either SALES or MARKETING to access this resource?()

A.<auth-constraint/>
B.<auth-constraint><role-name>*</role-name></auth-constraint>
C.<auth-constraint><role-name>ANY</role-name></auth-constraint>
D.<auth-constraint><role-name>MARKETING</role-name></auth-constraint>

单项选择题Whichmechanismrequirestheclienttoprovideitspublickeycertificate?()

A.HTTP Basic Authentication
B.Form Based Authentication
C.HTTP Digest Authentication
D.HTTPS Client Authentication

单项选择题Whichactivitysupportsthedataintegrityrequirementsofanapplication?()

A.Using HTTPS as a protocol
B.Using an LDAP security realm
C.Using HTTP Basic authentication
D.Using forms-based authentication

多项选择题Whichtwo classesorinterfacesprovideagetSessionmethod?()

A.javax.servlet.http.HttpServletRequest
B.javax.servlet.http.HttpSessionContext
C.javax.servlet.http.HttpServletResponse
D.javax.servlet.http.HttpSessionBindingEvent
E.javax.servlet.http.HttpSessionAttributeEvent

单项选择题Users of your web application have requested that they should be able to set the duration of their sessions.So for example, one user might want a webapp to stay connected for an hour rather than the webapp’sdefault of fifteen minutes; another user might want to stay connected for a whole day. Furthermore, youhave a special login servlet that performs user authentication and retrieves the User object from the database. You want to augment this code to set up the user’s specified session duration. Which codesnippet in the login servlet will accomplish this goal?()

A.User user = // retrieve the User object from the database session.setDurationInterval(user.getSessionDuration());
B.User user = // retrieve the User object from the database session.setMaxDuration(user.getSessionDuration());
C.User user = // retrieve the User object from the database session.setInactiveInterval(user.getSessionDuration());
D.User user=//retrieve the User object from the database session.setDuration(user.getSessionDuratio());
E.User user = // retrieve the User object from the database session.setMaxInactiveInterval(user.getSessionDuration());