Q.1 Which of the following interfaces or classes is used to retrieve the session associated with a user? (Select one)
a. GenericServlet
b. ServletConfig
c. ServletContext
d. HttpServlet
e. HttpServletRequest
f. HttpServletResponse
a. GenericServlet
b. ServletConfig
c. ServletContext
d. HttpServlet
e. HttpServletRequest
f. HttpServletResponse
Answer: e Explanation
The session associated with a user can only be retrieved using the HttpServlet-Request.getSession() method.
The session associated with a user can only be retrieved using the HttpServlet-Request.getSession() method.
Q.2 Which of the following code snippets, when inserted in the doGet() method, will correctly count the number of GET requests made by a user? (Select one)
a. HttpSession session = request.getSession();
int count = session.getAttribute("count");
session.setAttribute("count", count++);
b. HttpSession session = request.getSession();
int count = (int) session.getAttribute("count");
session.setAttribute("count", count++);
c. HttpSession session = request.getSession();
int count = ((Integer) session.getAttribute("count")).intValue();
session.setAttribute("count", count++);
d. HttpSession session = request.getSession();
int count = ((Integer) session.getAttribute("count")).intValue();
session.setAttribute("count", new Integer(count++));
int count = session.getAttribute("count");
session.setAttribute("count", count++);
b. HttpSession session = request.getSession();
int count = (int) session.getAttribute("count");
session.setAttribute("count", count++);
c. HttpSession session = request.getSession();
int count = ((Integer) session.getAttribute("count")).intValue();
session.setAttribute("count", count++);
d. HttpSession session = request.getSession();
int count = ((Integer) session.getAttribute("count")).intValue();
session.setAttribute("count", new Integer(count++));
Answer: d Explanation
Remember that the setAttribute() and getAttribute() methods only work with objects and not with primitive data types. The getAttribute() method returns an object and so you need to cast the returned value to the actual type (Integer, in this case). Similarly, you need to wrap the count variable into an Integer object and pass it to the setAttribute() method.
Remember that the setAttribute() and getAttribute() methods only work with objects and not with primitive data types. The getAttribute() method returns an object and so you need to cast the returned value to the actual type (Integer, in this case). Similarly, you need to wrap the count variable into an Integer object and pass it to the setAttribute() method.
Q.3 Which of the following methods will be invoked on a session attribute that implements HttpSessionBindingListener when the session is invalidated? (Select one)
a. sessionDestroyed
b. valueUnbound
c. attributeRemoved
d. sessionInvalidated
b. valueUnbound
c. attributeRemoved
d. sessionInvalidated
Answer: b Explanation
When a session is invalidated, all the session attributes are unbound from the session. In the process, if an attribute implements HttpSessionBindingListener, the valueUnbound() method will be called on the attribute.
When a session is invalidated, all the session attributes are unbound from the session. In the process, if an attribute implements HttpSessionBindingListener, the valueUnbound() method will be called on the attribute.
Q.4 Which of the following methods will be invoked on a session attribute that implements appropriate interfaces when the session is invalidated? (Select one)
a. sessionDestroyed of HttpSessionListener
b. attributeRemoved of HttpSessionAttributeListener
c. valueUnbound of HttpSessionBindingListener
d. sessionWillPassivate of HttpSessionActivationListener
b. attributeRemoved of HttpSessionAttributeListener
c. valueUnbound of HttpSessionBindingListener
d. sessionWillPassivate of HttpSessionActivationListener
Answer: c Explanation
Only HttpSessionListeners and HttpSessionAttributeListeners that are configured in the deployment descriptor will receive notification of the events related to each of those interfaces. Therefore, even if a session attribute implements these interfaces, the sessionDestroyed() and attributeRemoved() methods will not be called on that attribute. sessionWillPassivate() is not called when a session is invalidated. The correct answer is therefore c.
Only HttpSessionListeners and HttpSessionAttributeListeners that are configured in the deployment descriptor will receive notification of the events related to each of those interfaces. Therefore, even if a session attribute implements these interfaces, the sessionDestroyed() and attributeRemoved() methods will not be called on that attribute. sessionWillPassivate() is not called when a session is invalidated. The correct answer is therefore c.
Q.5 Which of the following methods will expunge a session object? (Select one)
a. session.invalidate();
b. session.expunge();
c. session.destroy();
d. session.end();
e. session.close();
b. session.expunge();
c. session.destroy();
d. session.end();
e. session.close();
Answer: a Explanation
The invalidate() method of HttpSession invalidates (or expunges) the session object.
The invalidate() method of HttpSession invalidates (or expunges) the session object.
Q.6 Which of the following method calls will ensure that a session will never be expunged by the servlet container? (Select one)
a. session.setTimeout(0);
b. session.setTimeout(-1);
c. session.setTimeout(Integer.MAX_VALUE);
d. session.setTimeout(Integer.MIN_VALUE);
e. None of these.
b. session.setTimeout(-1);
c. session.setTimeout(Integer.MAX_VALUE);
d. session.setTimeout(Integer.MIN_VALUE);
e. None of these.
Answer: e Explanation
The correct method is HttpSession.setMaxInactiveInterval(int seconds);. A negative value (for example, setMaxInactiveInterval(-1)) ensures that the session is never invalidated. However, calling this method affects only the session on which it is called. All other sessions behave normally.
The correct method is HttpSession.setMaxInactiveInterval(int seconds);. A negative value (for example, setMaxInactiveInterval(-1)) ensures that the session is never invalidated. However, calling this method affects only the session on which it is called. All other sessions behave normally.
Q.7 How can you make sure that none of the sessions associated with a web application will ever be expunged by the servlet container? (Select one)
a. session.setMaxInactiveInterval(-1);
b. Set the session timeout in the deployment descriptor to -1.
c. Set the session timeout in the deployment descriptor to 0 or -1.
d. Set the session timeout in the deployment descriptor to 65535.
e. You have to change the timeout value of all the sessions explicitly as soon as they are created.
b. Set the session timeout in the deployment descriptor to -1.
c. Set the session timeout in the deployment descriptor to 0 or -1.
d. Set the session timeout in the deployment descriptor to 65535.
e. You have to change the timeout value of all the sessions explicitly as soon as they are created.
Answer: c Explanation
The setMaxInactiveInterval(-1) method will only affect the session on which it is called. The <session-config> element of web.xml affects all the sessions of the web application. A value of 0 or less ensures that the sessions are never invalidated.
The setMaxInactiveInterval(-1) method will only affect the session on which it is called. The <session-config> element of web.xml affects all the sessions of the web application. A value of 0 or less ensures that the sessions are never invalidated.
<web-app>
...
<session-config>
<session-timeout>0</session-timeout>
</session-config>
...
</web-app>
...
<session-config>
<session-timeout>0</session-timeout>
</session-config>
...
</web-app>
Q.8 In which of the following situations will a session be invalidated? (Select two)
a. No request is received from the client for longer than the session timeout period.
b. The client sends a KILL_SESSION request.
c. The servlet container decides to invalidate a session due to overload.
d. The servlet explicitly invalidates the session.
e. A user closes the active browser window.
f. A user closes all of the browser windows.
b. The client sends a KILL_SESSION request.
c. The servlet container decides to invalidate a session due to overload.
d. The servlet explicitly invalidates the session.
e. A user closes the active browser window.
f. A user closes all of the browser windows.
Answers: a and d Explanation
Sessions will be invalidated only in two cases: when no request comes from the client for more than the session timeout period or when you call the session. invalidate() method on a session. Closing the browser windows does not actually invalidate the session. Even if you close all the browser windows, the session will still be active on the server. The servlet container will only invalidate the session after the timeout period of the session expires.
Sessions will be invalidated only in two cases: when no request comes from the client for more than the session timeout period or when you call the session. invalidate() method on a session. Closing the browser windows does not actually invalidate the session. Even if you close all the browser windows, the session will still be active on the server. The servlet container will only invalidate the session after the timeout period of the session expires.
Q.9 Which method is required for using the URL rewriting mechanism of implementing session support? (Select one)
a. HttpServletRequest.encodeURL()
b. HttpServletRequest.rewriteURL()
c. HttpServletResponse.encodeURL()
d. HttpServletResponse.rewriteURL()
b. HttpServletRequest.rewriteURL()
c. HttpServletResponse.encodeURL()
d. HttpServletResponse.rewriteURL()
Answer: c Explanation
In URL rewriting, the session ID has to be appended to all the URLs. The encode-URL(String url) method of HttpServletResponse does that.
In URL rewriting, the session ID has to be appended to all the URLs. The encode-URL(String url) method of HttpServletResponse does that.
Q.10 The users of your web application do not accept cookies. Which of the following statements are correct? (Select one)
a. You cannot maintain client state.
b. URLs displayed by static HTML pages may not work properly.
c. You cannot use URL rewriting.
d. You cannot set session timeout explicitly.
b. URLs displayed by static HTML pages may not work properly.
c. You cannot use URL rewriting.
d. You cannot set session timeout explicitly.
Answer: b Explanation
If cookies are not supported, you can maintain the state using URL rewriting. Thus, answers a and c are incorrect. URL rewriting requires the session ID to be appended to all the URLs; however, static HTML pages will not have any session ID in the URLs that they display, so they may not work properly. Thus, answer b is correct.
If cookies are not supported, you can maintain the state using URL rewriting. Thus, answers a and c are incorrect. URL rewriting requires the session ID to be appended to all the URLs; however, static HTML pages will not have any session ID in the URLs that they display, so they may not work properly. Thus, answer b is correct.
Once the session is available, it does not matter whether it is maintained using cookies or URL rewriting. You can call all the methods as you would normally would, including session.setMaxInactiveInterval(). Therefore, answer d is wrong.
No comments:
Post a Comment