Spring Questions and Answers – Securing URL Access

«
»

This set of Java Spring Multiple Choice Questions & Answers (MCQs) focuses on “Securing URL Access”.

1. Way to secure web app’s URL.
a) servlet filters
b) refresh-check-delay
c) http servlet filters
d) none of the mentioned
View Answer

Answer: a
Explanation: Spring Security enables you to secure a web application’s URL access in a declarative way through simple configuration. It handles security by applying servlet filters to HTTP requests.
advertisement

2. Servlet filter registered in web deployment descriptor, which filters request in spring application context.
a) DelegatingFilter
b) DelegatingFilterProxy
c) DelegatingProxy
d) None of the mentioned
View Answer

Answer: b
Explanation: As servlet filters must be registered in the web deployment descriptor to take effect, you have to register a DelegatingFilterProxy instance in the web deployment descriptor, which is a servlet filter that delegates request filtering to a filter in Spring’s application context.

3. Servlet APIs to access security information of web application.
a) HttpServletRequest.isUserInRole()
b) HttpServletRequest.getUserPrincipal()
c) None of the mentioned
d) All of the mentioned
View Answer

Answer: d
Explanation: Servlet API integration: This allows you to access security information in your web application via standard Servlet APIs, such as HttpServletRequest.isUserInRole() and HttpServletRequest.getUserPrincipal().

4. To load root application context at the start up.
a) ContextListener
b) ContextLoader
c) ContextLoaderListener
d) ContextEventListener
View Answer

Answer: c
Explanation: In the web deployment descriptor (i.e., web.xml), you register ContextLoaderListener to load the root application context at startup.

5. To dispatch requests for web application.
a) DispatcherServlet
b) ViewHandler
c) ViewResolver
d) None of the mentioned
View Answer

Answer: a
Explanation: Spring MVC DispatcherServlet is used to dispatch requests.
advertisement

6. The responsibility of DelegatingFilterProxy is simply to delegate HTTP request filtering to a Spring bean that implements the interface:-
a) java.util.logging.Filter
b) java.util.logging.net
c) java.util.logging.FilterHttp
d) none of the mentioned
View Answer

Answer: a
Explanation: The responsibility of DelegatingFilterProxy is simply to delegate HTTP request filtering to a Spring bean that implements the java.util.logging.Filter interface.

7. By default, DelegatingFilterProxy delegates to a bean whose name is the same as its filter-name property.
a) True
b) False
View Answer

Answer: a
Explanation: By default, it delegates to a bean whose name is the same as its filter-name property, but you can override the bean name in its targetBeanName init parameter.

8. Filter chain configured by Spring security, when web app security enabled.
a) springSecurityFilterChain
b) delegatingFilterProxy
c) none of the mentioned
d) all of the mentioned
View Answer

Answer: a
Explanation: As Spring Security will automatically configure a filter chain with the name springSecurityFilterChain when you enable web application security, you can simply use this name for your DelegatingFilterProxy instance.

9. The http auto-config=”false” element automatically configures the basic security services that a typical web application needs.
a) True
b) False
View Answer

Answer: b
Explanation: The http auto-config=”true” element automatically configures the basic security services that a typical web application needs. You can fine-tune these services with the corresponding sub elements inside it.
advertisement

10. Element used to restrict access to a particular URL.
a) restrict-url
b) intercept-url
c) intercept-restrict
d) none of the mentioned
View Answer

Answer: b
Explanation: Inside the http configuration element, you can restrict access to particular URLs with one or more intercept-url elements.

11. Element which configures authentication services.
a) authentication-provider
b) authentication-manager
c) all of the mentioned
d) none of the mentioned
View Answer

Answer: c
Explanation: You can configure authentication services in the authentication-provider element, which is nested inside the authentication-manager element.

12. Element which defines user details.
a) user-service
b) user-details
c) user-requirements
d) user-servicerequirements
View Answer

Answer: a
Explanation: Spring Security also supports defining user details in user-service directly for simple security requirements. You can specify a
username, a password, and a set of authorities for each user.

13. Which of the following way to provide authenticity of users is/are supported by Spring Security?
a) Authenticating against a database
b) LDAP repository
c) All of the mentioned
d) None of the mentioned
View Answer

Answer: c
Explanation: Spring Security supports several ways of authenticating users, including authenticating against a database or an LDAP repository.
advertisement

14. The basic security services registered and configured by Spring Security.
a) Form-based login service
b) Logout Service
c) HTTP Basic authentication.
d) All of the mentioned
View Answer

Answer: d
Explanation: Spring Security will automatically register and configure several basic security services, including the above mentioned.

15. HTTP Basic authentication support is configured by:-
a) logout
b) http-basic
c) http-basicauth
d) none of the mentioned
View Answer

Answer: d
Explanation: The HTTP Basic authentication support can be configured via the http-basic element. When HTTP Basic authentication is required, a browser will typically display a login dialog or a specific login page for users to log in.

Sanfoundry Global Education & Learning Series – Java Spring.
To practice all areas of Java Spring, here is complete set of 1000+ Multiple Choice Questions and Answers.

Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

advertisement
advertisement
advertisement
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He is Linux Kernel Developer & SAN Architect and is passionate about competency developments in these areas. He lives in Bangalore and delivers focused training sessions to IT professionals in Linux Kernel, Linux Debugging, Linux Device Drivers, Linux Networking, Linux Storage, Advanced C Programming, SAN Storage Technologies, SCSI Internals & Storage Protocols such as iSCSI & Fiber Channel. Stay connected with him @ LinkedIn