Q1. Define a scriplet and expressions in JSP ? Create a simple JSP page which includes declaration, scriplets, expressions and comments tag in it.

Answer : - Coming Soon




Q2. Define authentication mechanism? Explain any two basic mechanisms through which a web client can authenticate a user to a web server using http authentication.

Answer : - Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be. Authentication technology provides access control for systems by checking to see if a user's credentials match the credentials in a database of authorized users or in a data authentication server.

HTTP authentication - HTTP authentication is the basic authentication which is default when you do not specify an authentication mechanism.

When HTTP authentication is used, the following actions occur :

  1. A client requests access to a protected resource.
  2. The web server returns a dialog box that requests the user name and password.
  3. The client submits the user name and password to the server.
  4. The server validates the credentials and, if successful, returns the requested resource.


HTTPS client authentication - HTTPS Client Authentication is a more secure method of authentication than either basic or form-based authentication. It uses HTTP over SSL (HTTPS), in which the server authenticates the client using the client’s Public Key Certificate (PKC). Secure Sockets Layer (SSL) technology provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection.

Before using HTTP Client Authentication, you must make sure that the following actions have been completed :

  • Make sure the client has a valid Public Key Certificate.
  • Make sure that SSL support is configured for your server.

Certificate-Based Mutual Authentication

  1. A client requests access to a protected resource.
  2. The web server presents its certificate to the client.
  3. The client verifies the server’s certificate.
  4. If successful, the client sends its certificate to the server.
  5. The server verifies the client’s credentials.
  6. If successful, the server grants access to the protected resource requested by the client.


Username and Password-Based Mutual Authentication

  1. A client requests access to a protected resource.
  2. The web server presents its certificate to the client.
  3. The client verifies the server’s certificate.
  4. If successful, the client sends its user name and password to the server, which verifies the client’s credentials.
  5. If the verification is successful, the server grants access to the protected resource requested by the client.




Q3. Create a LOGIN page using JSP and JDBC. Database is created in Oracle.

Answer : - Coming Soon




Q4. Write a servlet program to fetch and display all the fields of student table having 10 records with field names as student name, enrollment number,email ID and grades achieved in TEE.,

Answer : - Coming Soon




Q5. Define DTD. What is its use in XML?Write the DTD of an XML document that describe the bank account which has the following attributes :
Account number (mandatory)
Customer_id (can be multiple)
First name (mandatory)
Middle name (optional)
Last name (optional)
Account type (mandatory)
Balance (mandatory)

Answer : - A DTD (Document Type Definition) defines the structure and the legal elements and attributes of an XML document. There are two type of DTD : Internal DTD and External DTD


Internal DTD
External DTD

If the DTD is declared inside the XML file, it must be wrapped inside the definition :

Person.xml

<?xml version="1.0" ?>
<!DOCTYPE Person
[
<!ELEMENT Person (FirstName, MiddleName?, LastName)>
<!ELEMENT FirstName (#PCDATA)>
<!ELEMENT MiddleName (#PCDATA)>
<!ELEMENT LastName (#PCDATA)>
]>

<Person>
<FirstName>Debabrata</FirstName>
<LastName>Panchadhyay</LastName>
</Person>
<Person>
<FirstName>Kedar</FirstName>
<MiddleName>Nath</MiddleName>
<LastName>Panchadhyay</LastName>
</Person>

If the DTD is declared in an external file, the definition must contain a reference to the DTD file :

Document.dtd

<!ELEMENT Person (FirstName, MiddleName?, LastName)>
<!ELEMENT FirstName (#PCDATA)>
<!ELEMENT MiddleName (#PCDATA)>
<!ELEMENT LastName (#PCDATA)>


Person.xml

<?xml version="1.0" ?>
<!DOCTYPE Person SYSTEM "Document.dtd">
<Person>
<FirstName>Debabrata</FirstName>
<LastName>Panchadhyay</LastName>
</Person>
<Person>
<FirstName>Kedar</FirstName>
<MiddleName>Nath</MiddleName>
<LastName>Panchadhyay</LastName>
</Person>


Accounts.dtd

<!ELEMENT Account (AccountNumber, Customer+, AccountType, Balance)>
<!ELEMENT AccountNumber (#PCDATA)>
<!ELEMENT Customer (CustomerId, FirstName, MiddleName?, LastName?)>
<!ELEMENT CustomerId (#PCDATA)>
<!ELEMENT FirstName (#PCDATA)>
<!ELEMENT MiddleName (#PCDATA)>
<!ELEMENT LastName (#PCDATA)>
<!ELEMENT AccountType (#PCDATA)>
<!ELEMENT Balance (#PCDATA)>




Q6. What is the purpose of message-driven beans and define its structure? Explain the various circumstances under which a message-driven bean should be used. What makes message driven beans different from session beans?

Answer : - Coming Soon




Q7. Briefly explain any seven JSP implicit objects.

Answer : - Coming Soon




Q8. What are Cookies ? Briefly explain the following methods of Cookie class :
(i) setMaxAge
(ii) setVersion
(iii) setDomain
(iv) setPath

Answer : - Coming Soon




Q9. What is the need of web security ? Explain data integrity and system (7integrity in thecontext of web security.

Answer : - Coming Soon




Q10. What are the advantages of using Java's multiple layer security implementation ? Explain with the help of an example program.

Answer : - Coming Soon