SlideShare a Scribd company logo

Spring security

Download as DOCX, PDF
J
JyothiAmpally

Spring security interview questions

Technology
1 of 3
1. Form-based login is configured by:- a) servlet filters b) refresh-check-delay c) form-login d) none of the mentioned Answer: c Explanation: The form-based login service will render a web page that contains a login form for users to input their login details and process the login form submission. It’s configured via the form-login element. 2. Action URL can be customized using form-login. a) True b) False Answer: a Explanation: Note that the form action URL and the input field names are Spring Security– specific. However, the action URL can be customized with the login-url attribute of form- login. 3. Attribute used to display custom login page. a) login-url b) custom-login c) login-custom d) custom-login Answer: a Explanation: In order for Spring Security to display your custom login page when a login is requested, you have to specify its URL in the login-page attribute. 4. Attribute which specifies redirection URL on login error. a) authentication-failure-url b) authentication-failure_login-url c) authentication-login-url d) none of the mentioned Answer: a Explanation: If you specify a custom login page, you will have to configure the authentication-failure-url attribute to specify which URL to redirect to on login error. 5. Session scope attribute to display error message. a) SPRING_SECURITY_FIRST_EXCEPTION b) SPRING_SECURITY_LAST_EXCEPTION c) SPRING_SECURITY_EXCEPTION d) SPRING_SECURITY_LAST_ERROR Answer: b Explanation: If an error has occurred, you will have to display the error message by
accessing the session scope attribute SPRING_SECURITY_LAST_EXCEPTION, which stores the last exception for the current user. 6. Logout service is configured by:- a) logout b) login c) logout-basic d) logout_basic Answer: a Explanation: The logout service provides a handler to handle logout requests. It can be configured via the logout element. 7. Element which redirects to a specific URL on logout. a) logout-success b) logout-success_url c) logout-url d) logout-success-url Answer: d Explanation: By default, a user will be redirected to the context path root when the logout succeeds, but sometimes, you may wish to direct the user to another URL. 8. Anonymous login services can be configured by:- a) anonymous-basic b) anonymous c) anonymous-target d) none of the mentioned Answer: b Explanation: The anonymous login service can be configured via the anonymous element. 9. Default values of customized Username and authorities are anonymousUser and ROLE_ANONYMOUS respectively. a) True b) False Answer: a Explanation: You can customize the username and authorities of an anonymous user, whose default values are anonymousUser and ROLE_ANONYMOUS. 10. Remember-me support can be configured by:- a) remember-me b) remember-me-basic c) remember-basic d) none of the mentioned Answer: a Explanation: Remember-me support can be configured via the remember-me element.
11. By default, Remember-me encodes the username, password, remember-me expiration time, and a private key as a token, and stores it as a cache in the user’s browser. a) True b) False Answer: b Explanation: Remember-me stores as cookie in the user’s browser not as cache. 12. Spring Security algorithms to secure password. a) MD5 b) SHA c) All of the mentioned d) None of the mentioned Answer: c Explanation: Spring Security supports several algorithms for encoding passwords (including MD5 and SHA) and provides built-in password encoders for these algorithms. 13. Connection of database with Apache derby server requires. a) Derby client.jar b) Spring JDBC support c) None of the mentioned d) All of the mentioned Answer: d Explanation: To connect to a database in the Apache Derby server, you need the Derby client .jars, as well as the Spring JDBC support. 14. You can specify the statements for querying a user’s information and authorities in the users-by-username-query and authorities-by-username-query attributes. a) True b) False Answer: a Explanation: Spring Security also supports using custom SQL statements to query a legacy database for user details. 15. Utility to calculate MD5 digests for your password. a) CheckSum b) BeanShell c) Jacksum d) None of the mentioned Answer: c Explanation: Jacksum, which you can download from http://sourceforge.net/projects/jacksum/ and extract to a directory of your choice. Then execute the following command to calculate a digest for a text: java -jar jacksum.jar -a md5 -q “txt:secret”

Recommended

Oauth 2.0 security
Oauth 2.0 securityOauth 2.0 security
Oauth 2.0 security
vinoth kumar
 
EmberConf 2015 – Ambitious UX for Ambitious Apps
EmberConf 2015 – Ambitious UX for Ambitious AppsEmberConf 2015 – Ambitious UX for Ambitious Apps
EmberConf 2015 – Ambitious UX for Ambitious Apps
Lauren Elizabeth Tan
 
Client-side Auth with Ember.js
Client-side Auth with Ember.jsClient-side Auth with Ember.js
Client-side Auth with Ember.js
Matthew Beale
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservices
Alvaro Sanchez-Mariscal
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015
Alvaro Sanchez-Mariscal
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Uwe Friedrichsen
 
Stateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWTStateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWT
Gaurav Roy
 

Recommended

Oauth 2.0 security
Oauth 2.0 securityOauth 2.0 security
Oauth 2.0 security
vinoth kumar
 
EmberConf 2015 – Ambitious UX for Ambitious Apps
EmberConf 2015 – Ambitious UX for Ambitious AppsEmberConf 2015 – Ambitious UX for Ambitious Apps
EmberConf 2015 – Ambitious UX for Ambitious Apps
Lauren Elizabeth Tan
 
Client-side Auth with Ember.js
Client-side Auth with Ember.jsClient-side Auth with Ember.js
Client-side Auth with Ember.js
Matthew Beale
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservices
Alvaro Sanchez-Mariscal
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015
Alvaro Sanchez-Mariscal
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Uwe Friedrichsen
 
Stateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWTStateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWT
Gaurav Roy
 
OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 Presentation
Mohamed Ahmed Abdullah
 
OAuth 2.0 and Library
OAuth 2.0 and LibraryOAuth 2.0 and Library
OAuth 2.0 and Library
Kenji Otsuka
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring Security
Orest Ivasiv
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
Knoldus Inc.
 
OAuth2 Protocol with Grails Spring Security
OAuth2 Protocol with Grails Spring SecurityOAuth2 Protocol with Grails Spring Security
OAuth2 Protocol with Grails Spring Security
NexThoughts Technologies
 
Stateless token-based authentication for pure front-end applications
Stateless token-based authentication for pure front-end applicationsStateless token-based authentication for pure front-end applications
Stateless token-based authentication for pure front-end applications
Alvaro Sanchez-Mariscal
 
Android Cloud to Device Messaging Framework at GTUG Stockholm
Android Cloud to Device Messaging Framework at GTUG StockholmAndroid Cloud to Device Messaging Framework at GTUG Stockholm
Android Cloud to Device Messaging Framework at GTUG Stockholm
Johan Nilsson
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2
Sanjoy Kumar Roy
 
Implementing OAuth
Implementing OAuthImplementing OAuth
Implementing OAuth
leahculver
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & sync
mdevtalk
 
300 208 exam dumps
300 208 exam dumps300 208 exam dumps
300 208 exam dumps
michealdeweese
 
PHP Session - Mcq ppt
PHP Session - Mcq ppt PHP Session - Mcq ppt
PHP Session - Mcq ppt
Shaheen Shaikh
 
Microsoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam DumpsMicrosoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam Dumps
Study Material
 
Adobe Experience Manager 6.0 Developer Exam
Adobe Experience Manager 6.0 Developer ExamAdobe Experience Manager 6.0 Developer Exam
Adobe Experience Manager 6.0 Developer Exam
Ellina Beckman
 
Express 070 536
Express 070 536Express 070 536
Express 070 536
chokkamedex
 
000 252
000 252000 252
000 252
ambrevan87
 
How to Pass Salesforce Identity and Access Management Architect Exam?
How to Pass Salesforce Identity and Access Management Architect Exam?How to Pass Salesforce Identity and Access Management Architect Exam?
How to Pass Salesforce Identity and Access Management Architect Exam?
AdinaCoyle
 
Google cloud Professional Data Engineer practice exam test 2020
Google cloud Professional Data Engineer practice exam test 2020Google cloud Professional Data Engineer practice exam test 2020
Google cloud Professional Data Engineer practice exam test 2020
SkillCertProExams
 
Exam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
Exam 9a0-384 Adobe Experience Manager 6.0 Developer ExamExam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
Exam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
KylieJonathan
 
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer ExamExam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
KylieJonathan
 
1 y0 253-q&a-demo-certmagic
1 y0 253-q&a-demo-certmagic1 y0 253-q&a-demo-certmagic
1 y0 253-q&a-demo-certmagic
aniejhon56
 

More Related Content

What's hot

Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 

What's hot (11)

OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 Presentation
 
OAuth 2.0 and Library
OAuth 2.0 and LibraryOAuth 2.0 and Library
OAuth 2.0 and Library
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring Security
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
OAuth2 Protocol with Grails Spring Security
OAuth2 Protocol with Grails Spring SecurityOAuth2 Protocol with Grails Spring Security
OAuth2 Protocol with Grails Spring Security
 
Stateless token-based authentication for pure front-end applications
Stateless token-based authentication for pure front-end applicationsStateless token-based authentication for pure front-end applications
Stateless token-based authentication for pure front-end applications
 
Android Cloud to Device Messaging Framework at GTUG Stockholm
Android Cloud to Device Messaging Framework at GTUG StockholmAndroid Cloud to Device Messaging Framework at GTUG Stockholm
Android Cloud to Device Messaging Framework at GTUG Stockholm
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2
 
Implementing OAuth
Implementing OAuthImplementing OAuth
Implementing OAuth
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & sync
 

Similar to Spring security

Microsoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam DumpsMicrosoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam Dumps
Study Material
 
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdf
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdfProgramming Assignment 3 CSCE 3530 Introduction to Comput.pdf
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdf
addtechglobalmarketi
 
Sea surfing in asp.net mvc
Sea surfing in asp.net mvcSea surfing in asp.net mvc
Sea surfing in asp.net mvc
magda3695
 
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdfAZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
NithinRoy12
 

Similar to Spring security (20)

300 208 exam dumps
300 208 exam dumps300 208 exam dumps
300 208 exam dumps
 
PHP Session - Mcq ppt
PHP Session - Mcq ppt PHP Session - Mcq ppt
PHP Session - Mcq ppt
 
Microsoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam DumpsMicrosoft AZ-204 Exam Dumps
Microsoft AZ-204 Exam Dumps
 
Adobe Experience Manager 6.0 Developer Exam
Adobe Experience Manager 6.0 Developer ExamAdobe Experience Manager 6.0 Developer Exam
Adobe Experience Manager 6.0 Developer Exam
 
Express 070 536
Express 070 536Express 070 536
Express 070 536
 
000 252
000 252000 252
000 252
 
How to Pass Salesforce Identity and Access Management Architect Exam?
How to Pass Salesforce Identity and Access Management Architect Exam?How to Pass Salesforce Identity and Access Management Architect Exam?
How to Pass Salesforce Identity and Access Management Architect Exam?
 
Google cloud Professional Data Engineer practice exam test 2020
Google cloud Professional Data Engineer practice exam test 2020Google cloud Professional Data Engineer practice exam test 2020
Google cloud Professional Data Engineer practice exam test 2020
 
Exam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
Exam 9a0-384 Adobe Experience Manager 6.0 Developer ExamExam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
Exam 9a0-384 Adobe Experience Manager 6.0 Developer Exam
 
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer ExamExam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
Exam 9A0-384 Adobe ExperienceManager 6.0 Developer Exam
 
1 y0 253-q&a-demo-certmagic
1 y0 253-q&a-demo-certmagic1 y0 253-q&a-demo-certmagic
1 y0 253-q&a-demo-certmagic
 
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdf
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdfProgramming Assignment 3 CSCE 3530 Introduction to Comput.pdf
Programming Assignment 3 CSCE 3530 Introduction to Comput.pdf
 
Jdbc ppt
Jdbc pptJdbc ppt
Jdbc ppt
 
CAD Report
CAD ReportCAD Report
CAD Report
 
Aws certified security specialty practice tests 2022
Aws certified security specialty practice tests 2022Aws certified security specialty practice tests 2022
Aws certified security specialty practice tests 2022
 
Sea surfing in asp.net mvc
Sea surfing in asp.net mvcSea surfing in asp.net mvc
Sea surfing in asp.net mvc
 
32916
3291632916
32916
 
Google cloud certified professional cloud developer practice dumps 2020
Google cloud certified professional cloud developer practice dumps 2020Google cloud certified professional cloud developer practice dumps 2020
Google cloud certified professional cloud developer practice dumps 2020
 
Mc0081 .(dot)net technologies
Mc0081 .(dot)net technologiesMc0081 .(dot)net technologies
Mc0081 .(dot)net technologies
 
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdfAZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
AZ - 400 olih orcle Implementing Microsoft DevOps (1).pdf
 

More from JyothiAmpally

More from JyothiAmpally (8)

1. Introduction to HTML5.ppt
1. Introduction to HTML5.ppt1. Introduction to HTML5.ppt
1. Introduction to HTML5.ppt
 
01-basics-functions.ppt
01-basics-functions.ppt01-basics-functions.ppt
01-basics-functions.ppt
 
03_A-OOPs_Interfaces.ppt
03_A-OOPs_Interfaces.ppt03_A-OOPs_Interfaces.ppt
03_A-OOPs_Interfaces.ppt
 
25-functions.ppt
25-functions.ppt25-functions.ppt
25-functions.ppt
 
03_A-OOPs_Interfaces.ppt
03_A-OOPs_Interfaces.ppt03_A-OOPs_Interfaces.ppt
03_A-OOPs_Interfaces.ppt
 
02-Java Technology Details.ppt
02-Java Technology Details.ppt02-Java Technology Details.ppt
02-Java Technology Details.ppt
 
01-Java Introduction.ppt
01-Java Introduction.ppt01-Java Introduction.ppt
01-Java Introduction.ppt
 
01_What is Java.ppt
01_What is Java.ppt01_What is Java.ppt
01_What is Java.ppt
 

Recently uploaded

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Recently uploaded (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

Spring security

  • 1. 1. Form-based login is configured by:- a) servlet filters b) refresh-check-delay c) form-login d) none of the mentioned Answer: c Explanation: The form-based login service will render a web page that contains a login form for users to input their login details and process the login form submission. It’s configured via the form-login element. 2. Action URL can be customized using form-login. a) True b) False Answer: a Explanation: Note that the form action URL and the input field names are Spring Security– specific. However, the action URL can be customized with the login-url attribute of form- login. 3. Attribute used to display custom login page. a) login-url b) custom-login c) login-custom d) custom-login Answer: a Explanation: In order for Spring Security to display your custom login page when a login is requested, you have to specify its URL in the login-page attribute. 4. Attribute which specifies redirection URL on login error. a) authentication-failure-url b) authentication-failure_login-url c) authentication-login-url d) none of the mentioned Answer: a Explanation: If you specify a custom login page, you will have to configure the authentication-failure-url attribute to specify which URL to redirect to on login error. 5. Session scope attribute to display error message. a) SPRING_SECURITY_FIRST_EXCEPTION b) SPRING_SECURITY_LAST_EXCEPTION c) SPRING_SECURITY_EXCEPTION d) SPRING_SECURITY_LAST_ERROR Answer: b Explanation: If an error has occurred, you will have to display the error message by
  • 2. accessing the session scope attribute SPRING_SECURITY_LAST_EXCEPTION, which stores the last exception for the current user. 6. Logout service is configured by:- a) logout b) login c) logout-basic d) logout_basic Answer: a Explanation: The logout service provides a handler to handle logout requests. It can be configured via the logout element. 7. Element which redirects to a specific URL on logout. a) logout-success b) logout-success_url c) logout-url d) logout-success-url Answer: d Explanation: By default, a user will be redirected to the context path root when the logout succeeds, but sometimes, you may wish to direct the user to another URL. 8. Anonymous login services can be configured by:- a) anonymous-basic b) anonymous c) anonymous-target d) none of the mentioned Answer: b Explanation: The anonymous login service can be configured via the anonymous element. 9. Default values of customized Username and authorities are anonymousUser and ROLE_ANONYMOUS respectively. a) True b) False Answer: a Explanation: You can customize the username and authorities of an anonymous user, whose default values are anonymousUser and ROLE_ANONYMOUS. 10. Remember-me support can be configured by:- a) remember-me b) remember-me-basic c) remember-basic d) none of the mentioned Answer: a Explanation: Remember-me support can be configured via the remember-me element.
  • 3. 11. By default, Remember-me encodes the username, password, remember-me expiration time, and a private key as a token, and stores it as a cache in the user’s browser. a) True b) False Answer: b Explanation: Remember-me stores as cookie in the user’s browser not as cache. 12. Spring Security algorithms to secure password. a) MD5 b) SHA c) All of the mentioned d) None of the mentioned Answer: c Explanation: Spring Security supports several algorithms for encoding passwords (including MD5 and SHA) and provides built-in password encoders for these algorithms. 13. Connection of database with Apache derby server requires. a) Derby client.jar b) Spring JDBC support c) None of the mentioned d) All of the mentioned Answer: d Explanation: To connect to a database in the Apache Derby server, you need the Derby client .jars, as well as the Spring JDBC support. 14. You can specify the statements for querying a user’s information and authorities in the users-by-username-query and authorities-by-username-query attributes. a) True b) False Answer: a Explanation: Spring Security also supports using custom SQL statements to query a legacy database for user details. 15. Utility to calculate MD5 digests for your password. a) CheckSum b) BeanShell c) Jacksum d) None of the mentioned Answer: c Explanation: Jacksum, which you can download from http://sourceforge.net/projects/jacksum/ and extract to a directory of your choice. Then execute the following command to calculate a digest for a text: java -jar jacksum.jar -a md5 -q “txt:secret”