CertGear Systems - Certification Practice Tests /Exams For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP Test Prep Products Built To Satisfy The Most Demanding Professional.
Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP
CertGear Products - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMPCertGear Products - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMPAbout CertGearCertGear Affiliates ProgramCertGear Technical SupportCertGear Product Downloads - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP
PHR Certification
PHR / SPHR Certification
SCJP Practice Tests
SCWCD Practice Tests
SCBCD Practice Tests
SCDJWS Practice Tests
PMP Practice Test
GPHR Practice Tests
|CISSP Practice Tests CISA Practice Tests

SCWCD Certification Practice Tests SCWCD Study Guide (CX-310-081)

 

 

 

 

 

 

 

 
 
 EJBSecurity Quiz  

EJB Security Quiz:

Let's assume you are an Application Assembler. You are assembling an entity bean that uses programmatic security to manage access control to the bean's methods. The entity bean has hard-coded the role name "root" within the source code. For example:

private void doSomething ()
{
if (context.isCallerInRole ("Root")) {
//allow
}
else // reject
}

However, your application uses the role name super-user, instead of root. Which of the following deployment descriptors can be used to correctly map the root role name used in the bean code to the super-user role name defined in your application's deployment descriptor?

A) <security-role-ref>
<role-name>root</role-name>
<role-link>super-user</role-link>
</security-role-ref>

B) <security-role-ref>
<role>root</role>
<link>super-user</link>
</security-role-ref>

C) <security-role-ref>
<role-name>super-user</role-name>
<role-link>root</role-link>
</security-role-ref>

D) <security-role-ref>
<role-name>root</role-name>
<link>super-user</link>
</security-role-ref>

  • [Ans: A]

  • An enterprise bean developer defines all security role names used in the enterprise bean code. Each security role name is defined in a deployment descriptor <security-role-ref> element, and is associated (via <role-link>) with a security role defined elsewhere in the descriptor.

    Security roles are defined with the application deployment descriptor element <role-name>. For example, the following enterprise bean deployment descriptor fragment defines a role name root, which is a reference (or <role-link>) to role super-user.

    ....
    <enterprise-beans>
    ...
    <entity>
    <ejb-name>AnEntityBean</ejb-name>
    <ejb-class>AnEntityBean.class</ejb-class>
    ...
    <security-role-ref>
    <role-name>root</role-name>
    <role-link>super-user</role-link>
    </security-role-ref>
    ...
    </entity>
    </enterprise-beans>
    .....

    Elsewhere in the deployment descriptor, the security role super-user is defined as:

    ....
    <assembly-descriptor>
    <security-role>
    <description>This is the security-role for the security role
    "root" referenced in the AnEntityBean class</description>
    <role-name>super-user</role-name>
    </security-role>
    </assembly-descriptor>
    ....


    References: http://java.sun.com/blueprints/qanda/security/



BACK    |    NEXT

 


 

  HRCI Certifications :  PHR, SPHR, GPHR   |    PMI Certifications: PMP
Java Certifications :  SCWCD, SCBCD, SCJDWS, SCJP  | Security Certifications: CISSP, CISA