You domain’s security realm has two authentication provides :1dap1 and 1dap2.
Consider these requirements:
• If authentication succeeds with 1dap1, then skip 1dap2.
• If authentication fails with 1dap1, then authentication must succeed with 1dap2.
Which control flag should you use for 1dap1?
A.
Required
B.
Requisite
C.
Sufficient
D.
Optional
Correct answer: C
A
The Control Flag determines how the login sequence uses the Authentication provider.
• REQUIRED value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers. This setting is the default.
• REQUISITE value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application.
• SUFFICIENT value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list.
• OPTIONAL value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list.
I believe the answer is “C”
SUFFICIENT: The authenticator is not required to succeed. If it does succeed, control
immediately returns to the application (authentication does not proceed down the list). If
it fails, authentication continues down the list.
Use case: This authenticator does not
have to succeed, but if it does, it is sufficient to validate the user, so no other
authenticators need to be called.
Zo it is answer C
Ans C
C would be the correct answer
https://docs.oracle.com/middleware/1212/wls/SECMG/atn.htm#SECMG172
MUST succeed, so answer A
The question is asking about the setting for ldap1 not ldap2. Answer is C.
C
Which one is the correct answer..?