- Home
- Oracle
- Java EE 6 Enterprise JavaBeans Developer Certified Expert
- Oracle.1z0-895.v2018-04-11.q90
- Question 25
Valid 1Z0-895 Dumps shared by ExamDiscuss.com for Helping Passing 1Z0-895 Exam! ExamDiscuss.com now offer the newest 1Z0-895 exam dumps, the ExamDiscuss.com 1Z0-895 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1Z0-895 dumps with Test Engine here:
Access 1Z0-895 Dumps Premium Version
(90 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 25/90
A Java EE application server has four different security realms for user management. One of the security realms is custom made. This realm supports only individual user entries, no grouping of users, and is used by the application. Which two statements are true? (Choose two.)
Correct Answer: B,D
Explanation/Reference:
Not A, not C:
A security role reference defines a mapping between the name of a role that is called from a web component using isUserInRole(String role)and the name of a security role that has been defined for the application. If no security-role-ref element is declared in a deployment descriptor and the isUserInRolemethod is called, the container defaults to checking the provided role name against the list of all security roles defined for the web application. Using the default method instead of using the security-role-ref element limits your flexibility to change role names in an application without also recompiling the servlet making the call.
For example, to map the security role reference cust to the security role with role name bankCustomer, the syntax would be:
<servlet>
...
<security-role-ref>
<role-name>cust</role-name>
<role-link>bankCustomer</role-link>
</security-role-ref>
...
</servlet>
Note:
* A realm is a security policy domain defined for a web or application server. A realm contains a collection of users, who may or may not be assigned to a group.
* The protected resources on a server can be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database containing a collection of users and groups. A realm is a complete database of users and groups identified as valid users of one or more applications and controlled by the same authentication policy.
* In some applications, authorized users are assigned to roles. In this situation, the role assigned to the user in the application must be mapped to a principal or group defined on the application server.
* A role is an abstract name for the permission to access a particular set of resources in an application. A role can be compared to a key that can open a lock. Many people might have a copy of the key. The lock doesn't care who you are, only that you have the right key.
Reference: The Java EE 6 Tutorial, Declaring and Linking Role References
Not A, not C:
A security role reference defines a mapping between the name of a role that is called from a web component using isUserInRole(String role)and the name of a security role that has been defined for the application. If no security-role-ref element is declared in a deployment descriptor and the isUserInRolemethod is called, the container defaults to checking the provided role name against the list of all security roles defined for the web application. Using the default method instead of using the security-role-ref element limits your flexibility to change role names in an application without also recompiling the servlet making the call.
For example, to map the security role reference cust to the security role with role name bankCustomer, the syntax would be:
<servlet>
...
<security-role-ref>
<role-name>cust</role-name>
<role-link>bankCustomer</role-link>
</security-role-ref>
...
</servlet>
Note:
* A realm is a security policy domain defined for a web or application server. A realm contains a collection of users, who may or may not be assigned to a group.
* The protected resources on a server can be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database containing a collection of users and groups. A realm is a complete database of users and groups identified as valid users of one or more applications and controlled by the same authentication policy.
* In some applications, authorized users are assigned to roles. In this situation, the role assigned to the user in the application must be mapped to a principal or group defined on the application server.
* A role is an abstract name for the permission to access a particular set of resources in an application. A role can be compared to a key that can open a lock. Many people might have a copy of the key. The lock doesn't care who you are, only that you have the right key.
Reference: The Java EE 6 Tutorial, Declaring and Linking Role References
- Question List (90q)
- Question 1: A developer needs to deliver a large-scale enterprise applic...
- Question 2: Which two are true about the client view of a message-driven...
- Question 3: Given singleton bean FooEJB: (Exhibit) How many distinct Foo...
- Question 4: Which is true about caller security principal propagation fo...
- Question 5: You are writing a client that sends a message to a JMS queue...
- Question 6: Which is a valid use of the EJB 3.x TimerHandle object?...
- Question 7: Assume you have been tasked with building an ejb-jar contain...
- Question 8: A developer wants to package an enterprise bean FooBean with...
- Question 9: Which is a valid Postconstruct method in a message-driven be...
- Question 10: A developer wants to create a JMS message-driven bean that r...
- Question 11: Given the following stateless session bean: (Exhibit) How wo...
- Question 12: A developer implements a CMT session bean with a method stor...
- Question 13: Given the following stateless session bean implementation cl...
- Question 14: A developer writes a stateful session bean with local busine...
- Question 15: A developer writes a stateful session bean FooBean with one ...
- Question 16: A developer writes an interceptor class and a stateless sess...
- Question 17: Given Singleton bean FooEJB: (Exhibit) FooEJB is packaged as...
- Question 18: A developer wants to write a stateful session bean using the...
- Question 19: An enterprise bean has security permissions set up using dec...
- Question 20: A developer writes a stateless session bean FooBean and uses...
- Question 21: Given the following code in an EJB session bean: (Exhibit) W...
- Question 22: Given a session bean defines: 11. @Stateless (name = "MrBean...
- Question 23: A developer writes a stateless session bean with one local b...
- Question 24: You are writing a client that sends a message to a JMS queue...
- Question 25: A Java EE application server has four different security rea...
- Question 26: Given the following client-side code that makes use of the s...
- Question 27: MyMsgBean is a JMS message-driven with container-managed tra...
- Question 28: Suppose an EJB named HelloWorldBean is deployed as a standal...
- Question 29: A developer writes three interceptor classes: AInt, BInt, an...
- Question 30: A developer impalements an asynchronous implementation for c...
- Question 31: A developer writes a Singleton bean that holds state for a s...
- Question 32: How many interceptor classes can be applied to a single stat...
- Question 33: A developer writes a stateful session bean called FooBean. W...
- Question 34: A stateful session bean contains a number of instance variab...
- Question 35: Given two stateless session beans, ABean and BBean: (Exhibit...
- Question 36: Assume you would like to receive notification from the conta...
- Question 37: You have been tasked to build a jar file that can be used by...
- Question 38: Suppose an EJB component is named HelloWorldBean is deployed...
- Question 39: A developer implements a session bean which acts as a sessio...
- Question 40: Which statement about message-driven beans is correct?...
- Question 41: Which statement is true about both stateful session beans an...
- Question 42: A developer implements a system in which transfers of goods ...
- Question 43: Given this code snippet from a JMS message driven bean class...
- Question 44: MyMsg is a JMS message-driven bean with container-managed tr...
- Question 45: A developer writes a stateful session bean FooBean with two ...
- Question 46: Given code snippets from two files: (Exhibit) Which four cod...
- Question 47: Which two statements are true? (Choose two.)...
- Question 48: A developer writes an interceptor class containing an Around...
- Question 49: An enterprise developer needs to modify the order of interce...
- Question 50: A developer writes a stateless session bean FooBean with one...
- Question 51: A developer creates a stateless session bean. This session b...
- Question 52: FooBean and BarBean are both EJB 3.x stateless session beans...
- Question 53: Given a set of CMT bean methods with the following transacti...
- Question 54: Given an JMS message-driven bean, which statement is true ab...
- Question 55: An ejb-jar also contains three interceptor classes: AInt, BI...
- Question 56: A developer implements a stateless session bean as a timed o...
- Question 57: Given the stateful session bean: (Exhibit) Assuming no other...
- Question 58: A developer writes a Singleton bean that uses the java Persi...
- Question 59: Which API must an EJB 3.1 container make available to enterp...
- Question 60: A developer wants to release resources within a stateless se...
- Question 61: Suppose a developer wants to create an automatic persistent ...
- Question 62: While excepting a business method in a stateless session bea...
- Question 63: Which two annotations can be applied at the class, method, a...
- Question 64: You are writing an EE component that functions as a message ...
- Question 65: Assume a client will be accessing a Singleton bean. Which cl...
- Question 66: A bean developer writes a stateless session bean FooEJB with...
- Question 67: Assume you have been tasked with building an ejb-jar contain...
- Question 68: A java EE application contains a session bean which uses a s...
- Question 69: A developer examines a list of potential enterprise applicat...
- Question 70: Which two statements are correct about stateless session bea...
- Question 71: Which two are programming restrictions in the EJB specificat...
- Question 72: A developer writes a stateless session bean HelloBean that e...
- Question 73: A developer writes an interceptor class called FooIntercepto...
- Question 74: A developer is writing client code to access a session bean ...
- Question 75: Given the following stateful bean: 10. @Stateful 11. @Transa...
- Question 76: A stateful session bean needs to restore its conversational ...
- Question 77: An enterprise developer has received ejb-jars from multiple ...
- Question 78: Which is a correct way to define a runtime exception as an E...
- Question 79: A stateless session bean FooBean implements an asynchronous ...
- Question 80: Which two statements are true JMS message-driven beans? (Cho...
- Question 81: A developer creates a stateless session bean, EmployeeServic...
- Question 82: A bean developer wants to write a stateless session bean cla...
- Question 83: A developer creates a stateful session bean that is used by ...
- Question 84: A developer wants to create an enterprise bean that uses the...
- Question 85: Which three methods can Bean Developer use in any EJB compli...
- Question 86: You are writing a client that sends a message to a JMS queue...
- Question 87: Which statement is correct about a Java EF client of a messa...
- Question 88: Which must result in the destruction of a stateful session b...
- Question 89: Assume an EJB application is comprised of the following EJB ...
- Question 90: Suppose developer wants to create an EJB component that perf...
