CertGear Systems - Certification Practice Tests /Exams For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP Test Prep Products Built To Satisfy The Most Demanding Professional.
Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP
CertGear Products - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMPCertGear Products - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMPAbout CertGearCertGear Affiliates ProgramCertGear Technical SupportCertGear Product Downloads - Certification Practice Tests For PHR, SPHR, GPHR, SCWCD, SCBCD, SCDJWS, SCJP, PMP
PHR Certification
PHR / SPHR Certification
SCJP Practice Tests
SCWCD Practice Tests
SCBCD Practice Tests
SCDJWS Practice Tests
PMP Practice Test
GPHR Practice Tests
|CISSP Practice Tests CISA Practice Tests

SCWCD Certification Practice Tests SCWCD Study Guide (CX-310-081)
 
 EJB Security Quiz  

EJB Security Quiz:

Let's assume you are an Application Assembler. You are assembling a Catalog entity bean that exposes a business method called listSaleItems(). You would like to allow anonymous, unauthenticated clients to call this business method.

Which of the following deployment descriptor can be used to achieve this?

A) <method-permission>
<unchecked/>
<method>
<ejb-name>Catalog</ejb-name>
<method-name>listSaleItems</method-name>
</method>
<method>
...
</method-permission>

B) <method-permission>
<method allow="true">
<ejb-name>Catalog</ejb-name>
<method-name>listSaleItems</method-name>
</method>
<method>
...
</method-permission>
C) <method-permission>
<role-name>Allow All </role-name>
<method>
<ejb-name>Catalog</ejb-name>
<method-name>listSaleItems</method-name>
</method>
<method>
...
</method-permission>
D) <method-permission>
<method unchecked = "true">
<ejb-name>Catalog</ejb-name>
<method-name>listSaleItems</method-name>
</method>
<method>
...
</method-permission>

  • [Ans: A]

  • The <unchecked> element is used to allows anonymous, unauthenticated users to access certain EJB resources. In the EJB tier, the application assembler can use the unchecked element in the method-permission element to indicate that the methods covered by the specification are to be authorized by the container, independent of the identity of the caller.

    The following demonstrates the use of the unchecked element:


    <method-permission>
    <unchecked/>
    <method>
    <ejb-name>Catalog</ejb-name>
    <method-name>listSaleItems</method-name>
    </method>
    <method>
    ...
    </method-permission>



    References: http://java.sun.com/blueprints/guidelines/designing_enterprise_applications_2e/security/security4.html



BACK    |    NEXT

 


 

  HRCI Certifications :  PHR, SPHR, GPHR   |    PMI Certifications: PMP
Java Certifications :  SCWCD, SCBCD, SCJDWS, SCJP  | Security Certifications: CISSP, CISA