Listing 1
<web-app>
<login-config>
<auth-method>BASIC|DIGEST</auth-method>
<realm-name>test</realm-name>
</login-config>
</web-app>
Listing 2
<web-app>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>login.jsp</form-login-page>
<form-error-page>error.jsp</form-error-page>
</form-login-config>
</login-config>
</web-app>
Listing 3
<web-app>
..
<security-constraint>
<web-resource-collection>
<web-resource-name>
Secure Content
</web-resource-name>
<url-pattern>/restricted/*</ url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>AuthorizedUser</role-name>
</auth-constraint>
</security-constraint>
..
<security-role>
<description>
The role required to access restricted content
</description>
<role-name>AuthorizedUser</role-name>
</security-role>
</web-app>
Listing 4
<method-permission>
<role-name>admin</role-name>
<method>
<ejb-name>UserInformation</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<role-name>customer</role-name>
<method>
<ejb-name>UserInformation</ejb-name>
<method-name>getDetails</method-name>
</method>
</method-permission>