1. Using the method isUserInRole(), overrides any declarative authorization related to method in which it is invoked – isUserInRole() method itself doesn’t do any authorization.
2.
name - value attribute is mandatory for 3. Benefits of the JSP precompilation is , it avoids initialization on the first request.
4.
- valid value in element is either java.lang.Exception or its subclasses
5. findAttribute(“key”, PageContext.SESSION_SCOPE) – findAttribute() method does not have scope parameter.
6. doAfterBody() is only called on the tags that extends IterationTagSupport – No class exist with the name IterationTagSupport.
7. response.setHeader(new HttpHeader(“X-MyHeader”, “34”)) or response.setHeader(new ServletHeader(“X-MyHeader”,”34″)) – no such methods exist.
8. If your deployment descriptor correctly declares an authentication type of CLIENT_CERT, your users must have a certificate from an official source before they can use application.