944G5 Web Applications and Services | The University of Sussex | web exam代考 保过

CANDIDATE: please attach Student Support Unit sticker, if relevant THE UNIVERSITY OF SUSSEX MComp FINAL YEAR EXAMINATION MSc EXAMINATION WEB APPLICATIONS AND SERVICES 944G5 You can start this exam at a time of your choosing within a 24 hour window. Once started you will have a set exam duration in which to complete it (note: the assessment will close at end of the 24 hour window; start with sufficient time to complete). If you have extra time due to Reasonable Adjustments this is additional to the exam duration below and has been added to your assessment on Canvas. Date: 19 May 2021 24 Hour Window starts at: 09:30 Exam Duration: 3 hours (including time for scanning, collating, uploading) Candidates should answer TWO questions out of THREE. If all three questions are attempted only the first two answers will be marked. Each question is worth 50 marks. Write or type your answers on A4 paper, scan and save as a single PDF file and upload to Canvas. Please make sure that your submission includes the following: Your candidate number (Do not put your name on your paper) The title of the module and the module code. Read Academic Integrity Statement You MAY access online materials, notes etc. during this examination. You must complete this assessment on your own and in your own words. DO NOT discuss this assessment with others before the end of its 24 hour window. By submitting this assessment you confirm that your assessment includes no instances of academic misconduct, for example plagiarism or collusion. Any instance of academic misconduct will be thoroughly investigated in accordance with our academic misconduct regulations. 944G5 Web Applications and Services 1. (a) Are the following statements true or false? Briefly explain your answer. i. The cookie header is included in server responses when client requests contain the set-cookie header. [3 marks] ii. HTTP is stateless, but stateful applications can be built on top of it by using persistent HTTP connections. [3 marks] iii. HTTP supports a mechanism to prevent malicious third parties tampering with HTTP messages exchanged between a legitimate server and client. [3 marks] iv. Persistent HTTP connections can speed up the downloading of a web page, compared to non-persistent ones. [3 marks] v. A user requests a Web page that consists of the base HTML code, three images, one CSS file and two JavaScript files. For this page the client will send seven HTTP requests (one for each object) and receive seven HTTP responses. [3 marks] vi. FacesServlet is an abstract class that must be sub-classed to override a request method (e.g. doGet()). [3 marks] vii. In Apache Thrift all data structures must be marshalled and sent to the receiver through the RPC channel. [3 marks] viii. The Interface Definition Language for Java Remote Method Invocation is WSDL. [3 marks] (b) The source code below defines a primitive, remote banking service in Thrift’s Interface Definition Language. service SimpleBankingService { // deposit amount to given account void deposit(1:i32 account, 2: double amount), // transfer amount from account1 to account2 void transfer(1:i32 account1, 2:i32 account2, 3: double amount), // withdraw amount from given account void withdraw(1:i32 account, 2: double amount), // get balance of given account double getBalance(1:i32 account), } Are the following statements true or false? Briefly explain your answer. i. The given Thrift service relies on user-defined data types. [5 marks] ii. The parameter amount can be either 4 or 8 bytes long, depending on the underlying programming language. [5 marks] iii. In order to get the balance of a given account, the client would directly call the getBalance() method that accesses the stored data. [5 marks] iv. The stub code for this service can be automatically generated using the given definition. [5 marks] 2 Web Applications and Services 944G5 (c) You are given the REST interaction below. Are the following statements true or false? Briefly explain your answer. REQUEST: GET /hotel/656bcee2-28d2-404b-891b HTTP/1.1 Host: www.somehotelservice.com RESPONSE: HTTP/1.1 200 OK Content-Length: 503 Content-Type: application/json; { “classification”:”Simple”,”name”:”Central”, “Price”: “140 GBP”, … } i. The server can only produce and return a JSON representation of the requested resource. [3 marks] ii. In Java EE, the Java method that handles GET requests for the specific URI must be annotated with the @Produces annotation. [3 marks] 3 Turn over/ 944G5 Web Applications and Services 2. (a) Are the following statements true or false? Briefly explain your answer. i. The presentation tier in the 3-tier architectural model deals with how data is presented to and stored in the back-end storage. [4 marks] ii. Java EE CDI and JSF Beans commonly implement functionality found in the business logic tier of the 3-tier architectural model. [4 marks] iii. In the MVC pattern, the model manages the behaviour and data of the web application. [4 marks] iv. A @RequestScoped CDI bean is short-lived. It is instantiated by the CDI container when a new HTTP session is created and persists until the session expires. [4 marks] (b) Transactions T1 and T2 are scheduled to run in the same application server. They will set the balance of account a to $105 and $110, respectively. The initial balance is $100. The transactions will be scheduled to run one after the other. How can the ‘premature writes’ problem be avoided? Provide a simple example depicting the ‘Dirty Reads’ problem and briefly describe how can this be avoided. [5 marks] (c) For the code below, are the following statements true or false? Briefly explain your answer. i. item is a backing CDI bean. [4 marks] ii. item.quantity will be updated in the model during the ‘update model values’ phase of the JSF lifecycle. [4 marks] iii. The h:inputText element corresponds to a Java object in JSF’s component tree. [4 marks] iv. During the ‘process validations’ phase of the JSF lifecycle, a custom validator will be called to validate the value of the input text component. [4 marks] (d) Can a hash of a message be ‘decrypted’ to get the original message? Explain your answer. [3 marks] (e) For the source code below, are the following statements true or false? Briefly explain your answer. @Entity public class Student { @Id private String name; @ManyToOne() private Department dept; } 4 Web Applications and Services 944G5 i. In the relational database, the primary key for the entity Student will be mapped to the name property. [5 marks] ii. Upon instantiating a Student object, the entity instance gets a persistent identity but is not yet associated with a persistence context. [5 marks] 5 Turn over/ 944G5 Web Applications and Services 3. (a) How are @RequestScoped JSF beans different from @SessionScoped ones? Provide an example usage of these two bean scopes. [5 marks] (b) Are the following statements true or false? Briefly explain your answer. i. With asymmetric encryption, confidentiality in communication can be achieved by encrypting a message in the public key and decrypting it in the private key. [5 marks] ii. In Java EE, servers could get authenticated to clients using digital certificates and clients could get authenticated to servers using form-based authentication. [5 marks] (c) Are the following statements about transactions true or false? Briefly explain your answer. i. To support failure atomicity and durability, objects must be recoverable. [5 marks] ii. The usage of strict two-phase locking precludes the concurrent execution of transactions. [5 marks] (d) Let us assume that the following transactions T and U will be executed on the same server, where x.r(y) and x.w(y) read and write the value y of object x, respectively. Transaction operations are numbered accordingly. T1: bal = b.r(bal); T2: b.w(bal + 0.2 * bal); T3: a.w(bal – 0.2 * bal); U1: bal = b.r(bal); U2: b.w(bal + 0.1 * bal); U3: c.w(bal – 0.1 * bal); i. Which one(s) of the following is/are serially equivalent interleavings? A. T1;T2;T3;U1;U2;U3; B. U1;U2;U3;T1;T2;T3; C. T1;T2;U1;U2;T3;U3; D. U1;U2;T1;T2;U3;T3; E. None of them Briefly explain your answer. [5 marks] ii. Are the following statements true or false? Briefly explain your answer. A. The ‘lost update’ problem cannot occur in this example. [5 marks] B. With two phase-locking, some serially equivalent interleavings cannot occur. [5 marks] (e) Let us assume that 5 processes with identifiers 34, 56, 4, 98 and 44 are arranged in a logical ring (clockwise from 34 to 44). Each process can only communicate with the next process in the ring and all messages are sent clockwise around the ring. The distributed system is asynchronous. 6 Web Applications and Services 944G5 Initially none of the processes participates in any election. Assuming that process 34 initiates an election and that the process with the largest identifier will be elected as the leader, are the following statements true or false? Briefly explain your answer. i. When process 56 receives the first election message, it forwards it without changing its content. [5 marks] ii. Process 98 is the first process that will change its state to nonparticipant. [5 marks] 7 End of Paper

https://www.sussex.ac.uk/study/modules/undergraduate/2023/944G5-web-applications-and-services