Which of the following methods does the Java Servlet Specification v2.4 define in the
HttpServletRequest interface that control programmatic security? Each correct answer represents
a complete solution. Choose all that apply.
A.
getCallerIdentity()
B.
isUserInRole()
C.
getUserPrincipal()
D.
getRemoteUser()
Explanation:
The various methods of the HttpServletRequest interface are as follows:
getRemoteUser(): It returns the user name that is used for the client authentication. The value of
the getRemoteUser() method returns null if no user is authenticated. isUserInRole(): It determines
whether the remote user is granted a specified user role. The value of the isUserInRole() method
returns true if the remote user is granted the specified user role; otherwise it returns false.
getUserPrincipal(): It determines the principle name of the current user and returns the
java.security.Principal object. The java.security.Principal object contains the remote user name.
incorrect. It is not defined in the
HttpServletRequest interface. The getCallerIdentity() method is used to obtain the
java.security.Identity of the caller.