Examice

Exam 2v0-7222 All QuestionsBrowse all questions from this exam

Go to Exam

Question 5

Which two statements are true regarding Spring Security? (Choose two.)

Access control can be configured at the method level.

A special Java Authentication and Authorization Service (JAAS) policy file needs to be configured.

Authentication data can be accessed using a variety of different mechanisms, including databases and LDAP.

In the authorization configuration, the usage of permitAll () allows bypassing Spring security completely.

It provides a strict implementation of the Java EE Security specification.

Correct Answer: A, C

Spring Security allows configuring access control at the method level, enabling fine-grained security management through annotations and configuration. Additionally, Spring Security supports various mechanisms for accessing authentication data, such as databases, LDAP, and more, providing flexibility in how authentication information is retrieved and managed.

Discussion

trungviettriOptions: AC

A,C correct

james2033Options: AC

A and C.

zakupowerOptions: AC

permitAll() does not bypass security entirely, it just allows access to the specified matcher, but other security related filters still run. e.g. cors, cqrs ...

Azuni

Correct. The only way to bypass Spring Security completely is to use a WebSecurityCustomizer with the .ignore() method.

Tolo01Options: AC

A and C are the best answer