Which two statements are true about using the isUserInRole method to implement security in a Java EE application?

Which two statements are true about using the isUserInRole method to implement security in a
Java EE application? (Choose two.)

Which two statements are true about using the isUserInRole method to implement security in a
Java EE application? (Choose two.)

A.
It can be invoked only from the doGet or doPost methods.

B.
It can be used independently of the getRemoteUser method.

C.
Can return “true” even when its argument is NOT defined as a valid role name in the
deployment descriptor.

D.
Using the isUserInRole method overrides any declarative authentication related to the method
in which it is invoked.

E.
Using the isUserInRole method overrides any declarative authorization related to the method in
which it is invoked.

Explanation:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

giuseppe

giuseppe

Not clear

Reply