Java EE 6 Web Component Developer Certified Expert — Question 1

Given:
3. class MyServlet extends HttpServlet {
4. public void doPut(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException {
5. // servlet code here

26. }
27. }
If the DD contains a single security constraint associated with MyServlet and its only <http-method> tags and <auth-constraint> tags are:
<http-method>GET</http-method>
<http-method>PUT</http-method>
<auth-constrain>Admin</auth-constrain>
Which four requests would be allowed by the container? (Choose four)

Answer options

• A. A user whose role is Admin can perform a PUT.
• B. A user whose role is Admin can perform a GET.
• C. A user whose role is Admin can perform a POST.
• D. A user whose role is Member can perform a PUT.
• E. A user whose role is Member can perform a POST.
• F. A user whose role is Member can perform a GET.

Correct answer: A, B, C, E

Explanation

The security constraint specifies that only users with the Admin role can perform GET and PUT requests. Since the constraint does not include POST for Admin, option C is correct but not allowed for a Member. Options D and F are incorrect as a Member role does not have permission for PUT or GET actions.