Given an HttpSession session, a ServletRequest request, and a ServletContext context, which retrieves a URL to /WEB-INF/myconfig.xml within a web application?
A. session.getResource("/WEB-INF/myconfig.xml")
B. request.getResource("/WEB-INF/myconfig.xml")
C. context.getResource("/WEB-INF/myconfig.xml")
D. getClass().getResource("/WEB-INF/myconfig.xml")
Your company has a corporate policy that prohibits storing a customer's credit card number in any corporate database. However, users have complained that they do NOT want to re-enter their credit card number for each transaction. Your management has decided to use client-side cookies to record the user's credit card number for 120 days. Furthermore, they also want to protect this information during transit from the web browser to the web container; so the cookie must only be transmitted over HTTPS.
Which code snippet creates the "creditCard" cookie and adds it to the out going response to be stored on the user's web browser?
A. 10. Cookie c = new Cookie("creditCard", usersCard);11. c.setSecure(true);12.
B. setAge(10368000);13. response.addCookie(c);
C. 10. Cookie c = new Cookie("creditCard", usersCard);11. c.setHttps(true);12.
D. setMaxAge(10368000);13. response.setCookie(c);
E. 10. Cookie c = new Cookie("creditCard", usersCard);11. c.setSecure(true);12.
F. setMaxAge(10368000);13. response.addCookie(c);
G. 10. Cookie c = new Cookie("creditCard", usersCard);11. c.setHttps(true);12.
H. setAge(10368000);13. response.addCookie(c);
I. 10. Cookie c = new Cookie("creditCard", usersCard);11. c.setSecure(true);12.
J. setAge(10368000);13. response.setCookie(c);
Given a header in an HTTP request:
X-Retries: 4
Which two retrieve the value of the header from a given HttpServletRequest request? (Choose two.)
A. request.getHeader("X-Retries")
B. request.getIntHeader("X-Retries")
C. request.getRequestHeader("X-Retries")
D. request.getHeaders("X-Retries").get(0)
E. request.getRequestHeaders("X-Retries").get(0)
For a given ServletResponse response, which two retrieve an object for writing text data? (Choose two.)
A. response.getWriter()
B. response.getOutputStream()
C. response.getOutputWriter()
D. response.getWriter().getOutputStream()
E. response.getWriter(Writer.OUTPUT_TEXT)
Your management has required that all JSPs be created to generate XHTML-compliant content and to facilitate that decision, you are required to create all JSPs using the JSP Document format. In the reviewOrder.jspx page, you need to use several core JSTL tags to process the collection of order items in the customer's shopping cart. Which JSP code snippets must you use in the reviewOrder.jspx page?
A.
B.
C.
D.
Which two JSTL URL-related tags perform URL rewriting? (Choose two.)
A. url
B. link
C. param
D. import
E. redirect
A custom JSP tag must be able to support an arbitrary number of attributes whose names are unknown when the tag class is designed. Which two are true? (Choose two.)
A. The
B. The echo tag handler must define the setAttribute(String key, String value) method.
C. The
D. The class implementing the echo tag handler must implement the javax.servlet.jsp.tagext.IterationTag interface.
E. The class implementing the echo tag handler must implement the javax.servlet.jsp.tagext.DynamicAttributes interface.
A developer has used this code within a servlet:
62.
if(request.isUserInRole("vip")) {
63.
// VIP-related logic here
64.
}
What else must the developer do to ensure that the intended security goal is achieved?
A. create a user called vip in the security realm
B. define a group within the security realm and call it vip
C. define a security-role named vip in the deployment descriptor
D. declare a security-role-ref for vip in the deployment descriptor
Given:
3.
class MyServlet extends HttpServlet {
4.
public void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
5.
// servlet code here ...
26.
}
27.
}
If the DD contains a single security constraint associated with MyServlet and its only
Which four requests would be allowed by the container? (Choose four.)
A. A user whose role is Admin can perform a PUT.
B. A user whose role is Admin can perform a GET.
C. A user whose role is Admin can perform a POST.
D. A user whose role is Member can perform a PUT.
E. A user whose role is Member can perform a POST.
F. A user whose role is Member can perform a GET.
What is true about Java EE authentication mechanisms?
A. If your deployment descriptor correctly declares an authentication type of CLIENT_CERT, your users must have a certificate from an official source before they can use your application.
B. If your deployment descriptor correctly declares an authentication type of BASIC, the container automatically requests a user name and password whenever a user starts a new session.
C. If you want your web application to support the widest possible array of browsers, and you want to perform authentication, the best choice of Java EE authentication mechanisms is DIGEST.
D. To use Java EE FORM authentication, you must declare two HTML files in your deployment descriptor, and you must use a predefined action in the HTML file that handles your user's login.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Oracle exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Z0-858 exam preparations and Oracle certification application, do not hesitate to visit our Vcedump.com to find your solutions here.