Java Servlets and JSP Interview Questions and Answers - 2

Question: 6

What are different Authentication options available in servlets?

There are four ways of authentication

HTTP basic authentication

HTTP digest authentication

HTTPS client authentication

Form based authentication

HTTP basic authentication: In HTTP basic authentication the server uses the username and password send by the client. The password is sent using simple base64 encoding but it’s not encrypted.

HTTP digest authentication: HTTP digest authentication is same as HTTP basic authentication but the biggest difference is password is encrypted and transmitted using SHA or MD5.

HTTPS client authentication: HTTPS client authentication is based on HTTP over SSL. It requires that the end client should posses a PKC (Public Key Certificate). This verifies the browsers identity.

Form based authentication: In Form based the web container invokes a login page. The invoked login page is used to collect username and password.

Question: 7

What are the two important API’s in for Servlets?

Two important packages are required to build servlet “javax.servlet” and javax.servlet.http.

They form the core of Servlet API. Servlets are not part of core Java but are standard extension provided by Tomcat.

Question: 8

How do we prevent browser from caching output of my JSP pages?

You can prevent pages from caching JSP pages output using the below code snippet.

<%response.setHeader (“Cache=control”, “no-cache”); //HTP 1.1

response.setHeader (Pragma”, “no-cache”); //HTP 1.0

response.setDateHeader (“Expires”, 0); //prevents caching at the proxy server

 %>

Question: 9

What are JSP directives?

JSP directives do not produce any output. They are used to get global values like class declaration, context type etc. Directives have scope for entire JSP file. They start with <%@ and ends with %>.

There are three main directives that can be used in JSP:

page directive

include directive

taglib directive

Question: 10

Why HTTP protocol called as a stateless protocol?

A protocol is stateless if it cannot remember difference between one client request and the other. HTTP is a stateless protocol because each request is executed independently without any knowledge of the requests that came before it.

Related Questions