MCQs
In a bean's security:intercept-methods, you can specify multiple security:protect elements to specify access attributes for this bean's methods.
Spring Web Flow builds in several state types, including view state, action state, decision state, subflow state, and end state.
You can specify multiple access attributes required for accessing this web flow in the attributes attribute, separated by commas.
If you want to implement filter-like functionality but want to have full access to the Spring context's life cycle machinery and dependency injection, use the DelegatingFilterProxy class.
You have to register the flow execution listener SecurityFlowExecutionListener in the flow executor to enable Spring Security for web flow.
In the web deployment descriptor (i.e., web.xml), you register ContextLoaderListener to load the root application context at startup.
To connect to a database in the Apache Derby server, you need the Derby client .jars, as well as the Spring JDBC support.
Spring provides the ActionSupport class, a subclass of the Action base class that has a convenient getWebApplicationContext() method for you to access Spring's application context.
If you would like to use a custom access decision manager, you can specify it in the access-decision-manager-ref.
Remember-me support can be configured via the remember-me element.