Free VMware 2V0-72.22 Practice Exam with Questions & Answers

Spring Security uses a filter-based architecture to provide security services for web applications. A filter is an object that intercepts HTTP requests and responses and performs some logic before or after the request is processed by the servlet. Spring Security provides a number of filters for different purposes, such as:

Authentication: Filters that handle the authentication process, such as UsernamePasswordAuthenticationFilter, BasicAuthenticationFilter, RememberMeAuthenticationFilter, etc.

User management: Filters that manage the user details and roles, such as SecurityContextPersistenceFilter, AnonymousAuthenticationFilter, ConcurrentSessionFilter, etc.

Logout: Filters that handle the logout process, such as LogoutFilter and SecurityContextLogoutHandler.

Authorization: Filters that enforce access control rules based on the user’s authentication and roles, such as FilterSecurityInterceptor, ExceptionTranslationFilter, etc.

https://www.diffblue.com/blog/java/software%20development/testing/spring-boot-test-slices-overview-and-usage/

@DirtiesContext @Test void testProcessWhichDirtiesAppCtx() { // some logic that results in the Spring container being dirtied } Dirty the context after the current test method. https://docs.spring.io/spring-framework/reference/testing/annotations/integration-spring/annotation-dirtiescontext.html

A Spring Boot starter dependency is a special type of dependency that provides a convenient way to add multiple, coordinated dependencies related to a specific technology or feature, such as web, JDBC, security, etc. A starter dependency usually has a name that starts with spring-boot-starter- followed by the name of the technology or feature. For example, spring-boot-starter-web is a starter dependency that includes all the dependencies needed for creating web applications with Spring MVC and RESTful services.

This is true because the id/name of a bean declared by the @Bean annotation is derived from the name of the method that returns the bean. In this case, the method name is clientService, so the bean name will be clientService as well. By default, Spring uses a lower-case first letter for bean names, unless explicitly specified otherwise by using the name attribute of the @Bean annotation. For example, we can use @Bean(name = “ClientService”) to change the bean name to ClientService (starting with uppercase “C”).

This is true because the default scope of a bean in Spring is singleton, which means that only one instance of the bean will be created and shared by the entire application context. The @Bean annotation on the accountRepository() method indicates that this method will return a bean that will be managed by Spring. However, this method will not be called every time the bean is needed, but only once when the bean is first created. Therefore, only one AccountRepository bean will be instantiated and injected into the TransferService and AccountService beans.

A. Allow access to a method based on user identity.

This is true because the @PreAuthorize annotation can use the principal object to access the user identity and check if it matches a certain condition. For example, we can use the following expression to allow access only to the user with the username “admin”:

@PreAuthorize(“principal.username == ‘admin’”)

E. Allow access to a method based on roles.

This is true because the @PreAuthorize annotation can use the hasRole, hasAnyRole, or hasAuthority methods to check if the user has a certain role or authority. For example, we can use the following expression to allow access only to users who have the role “ADMIN” or “USER”:

@PreAuthorize(“hasAnyRole(‘ADMIN’, ‘USER’)”)