Examice

Exam 2v0-7222 All QuestionsBrowse all questions from this exam

Question 14

Which strategy is correct for configuring Spring Security to intercept particular URLs? (Choose the best answer.)

The URLs can be specified via configuration (using authorizeRequests () and request matchers), with the most specific rule first and the least specific last.

Spring Security can obtain URLs from Spring MVC controllers, the Spring Security configuration just needs a reference to the controller to be protected.

The URLs are specified in a special properties file, used by Spring Security.

The URLs can be specified via configuration (using authorizeRequests () and request matchers), with the least specific rule first and the most specific last.

Correct Answer: A

The URLs can be specified via configuration (using authorizeRequests() and request matchers), with the most specific rule first and the least specific last. This is the correct way to configure Spring Security to intercept URLs to ensure that specific rules are evaluated before the more generic ones, thus avoiding incorrect rule application.

Discussion

saJAvaOption: A

it is important that more specific patterns are defined higher in the list than less specific patterns

softartsOption: A

A=>most specific rule first and the least specific last.

james2033Option: D

Quote "A good practice is to define generic rules at the top and more specific rules at the bottom." at https://www.baeldung.com/spring-security-configuring-urls#1-allowing-requests-to-the-products-api