Spring security
- 1. 1. Form-based login is configured by:- a) servlet filters b) refresh-check-delay c) form-login d) none of the mentioned Answer: c Explanation: The form-based login service will render a web page that contains a login form for users to input their login details and process the login form submission. It’s configured via the form-login element. 2. Action URL can be customized using form-login. a) True b) False Answer: a Explanation: Note that the form action URL and the input field names are Spring Security– specific. However, the action URL can be customized with the login-url attribute of form- login. 3. Attribute used to display custom login page. a) login-url b) custom-login c) login-custom d) custom-login Answer: a Explanation: In order for Spring Security to display your custom login page when a login is requested, you have to specify its URL in the login-page attribute. 4. Attribute which specifies redirection URL on login error. a) authentication-failure-url b) authentication-failure_login-url c) authentication-login-url d) none of the mentioned Answer: a Explanation: If you specify a custom login page, you will have to configure the authentication-failure-url attribute to specify which URL to redirect to on login error. 5. Session scope attribute to display error message. a) SPRING_SECURITY_FIRST_EXCEPTION b) SPRING_SECURITY_LAST_EXCEPTION c) SPRING_SECURITY_EXCEPTION d) SPRING_SECURITY_LAST_ERROR Answer: b Explanation: If an error has occurred, you will have to display the error message by
- 2. accessing the session scope attribute SPRING_SECURITY_LAST_EXCEPTION, which stores the last exception for the current user. 6. Logout service is configured by:- a) logout b) login c) logout-basic d) logout_basic Answer: a Explanation: The logout service provides a handler to handle logout requests. It can be configured via the logout element. 7. Element which redirects to a specific URL on logout. a) logout-success b) logout-success_url c) logout-url d) logout-success-url Answer: d Explanation: By default, a user will be redirected to the context path root when the logout succeeds, but sometimes, you may wish to direct the user to another URL. 8. Anonymous login services can be configured by:- a) anonymous-basic b) anonymous c) anonymous-target d) none of the mentioned Answer: b Explanation: The anonymous login service can be configured via the anonymous element. 9. Default values of customized Username and authorities are anonymousUser and ROLE_ANONYMOUS respectively. a) True b) False Answer: a Explanation: You can customize the username and authorities of an anonymous user, whose default values are anonymousUser and ROLE_ANONYMOUS. 10. Remember-me support can be configured by:- a) remember-me b) remember-me-basic c) remember-basic d) none of the mentioned Answer: a Explanation: Remember-me support can be configured via the remember-me element.
- 3. 11. By default, Remember-me encodes the username, password, remember-me expiration time, and a private key as a token, and stores it as a cache in the user’s browser. a) True b) False Answer: b Explanation: Remember-me stores as cookie in the user’s browser not as cache. 12. Spring Security algorithms to secure password. a) MD5 b) SHA c) All of the mentioned d) None of the mentioned Answer: c Explanation: Spring Security supports several algorithms for encoding passwords (including MD5 and SHA) and provides built-in password encoders for these algorithms. 13. Connection of database with Apache derby server requires. a) Derby client.jar b) Spring JDBC support c) None of the mentioned d) All of the mentioned Answer: d Explanation: To connect to a database in the Apache Derby server, you need the Derby client .jars, as well as the Spring JDBC support. 14. You can specify the statements for querying a user’s information and authorities in the users-by-username-query and authorities-by-username-query attributes. a) True b) False Answer: a Explanation: Spring Security also supports using custom SQL statements to query a legacy database for user details. 15. Utility to calculate MD5 digests for your password. a) CheckSum b) BeanShell c) Jacksum d) None of the mentioned Answer: c Explanation: Jacksum, which you can download from http://sourceforge.net/projects/jacksum/ and extract to a directory of your choice. Then execute the following command to calculate a digest for a text: java -jar jacksum.jar -a md5 -q “txt:secret”