单项选择题 A web application uses the HttpSession mechanism to determine if a user is "logged in." When a usersupplies a valid user name and password， an HttpSession is created for that user. The user has access tothe application for only 15 minutes after logging in. The code must determine how long the user has beenlogged in， and if this time is greater than 15 minutes， must destroy the HttpSession. Which method in HttpSession is used to accomplish this？（）

单项选择题 Given an HttpServletRequest request and an HttpServletResponse response： 41.HttpSession session = null； 42.// insert code here 43.if（session == null） { 44.// do something if session does not exist 45.} else { 46.// do something if session exists47. } To implement the design intent，which statement must be inserted at line 42？（）

多项选择题 WhichtwostatementsaretrueaboutusingtheisUserInRolemethodtoimplementsecurityinaJavaEEapplication？（）