A customer has enabled LTPA as their authentication mechanism and has web resources that are
not secured by proper security constraints. A system administrator is required to ensure that all
web resources are secured.
How should the administrator accomplish this?
A.
Enable “Authenticate when any URI is accessed”.
B.
Enable “Authenticate only when the URI is protected”.
C.
Enable “Authenticate only when the URI is protected”.
D.
Map the application security roles to the configured user registry’s groups.
Damn. First of all: What is the diffence between Answer B. and C. ?
Its A:
http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.0.0/com.ibm.websphere.nd.doc/info/ae/ae/usec_webauth.html
Authenticate when any URI is accessed
The web client must provide authentication data regardless of whether the URI is protected.
0
0
A
0
0
A.
Enable “Authenticate when any URI is accessed”.
https://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.base.doc/ae/usec_webauth.html
0
0
Answers B and C are incomplete. There are second sentences missing in B and C. I dont remember precisely, but in B there was DISABLE for another option and in C – conversely – ENABLE second option.
0
0