A developer has used this code within a servlet: 62.if(request.isUserInRole("vip")) { 63.// VIP-related logic here 64.} What else must the developer do to ensure that the intended security goal is achieved?()
- ACreate a user called vip in the security realm
- BDefine a group within the security realm and call it vip
- CDefine a security-role named vip in the deployment descriptor
- DDeclare a security-role-ref for vip in the deployment descripto