This topic has not yet been written. The content below is from the topic description.
Figure 1.6. element [Image http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html/Security_Guide/images/webapp_security_constraint.jpg] The content to be secured is declared using one or more elements. Each element contains an optional series of elements followed by an optional series of elements. The element value specifies a URL pattern against which a request URL must match for the request to correspond to an attempt to access secured content. The element value specifies a type of HTTP request to allow. The optional element specifies the requirements for the transport layer of the client to server connection. The requirement may be for content integrity (preventing data tampering in the communication process) or for confidentiality (preventing reading while in transit). The element value specifies the degree to which communication between the client and server should be protected. Its values are NONE, INTEGRAL, and CONFIDENTIAL. A value of NONE means that the application does not require any transport guarantees. A value of INTEGRAL means that the application requires the data sent between the client and server to be sent in such a way that it can not be changed in transit. A value of CONFIDENTIAL means that the application requires the data to be transmitted in a fashion that prevents other entities from observing the contents of the transmission. In most cases, the presence of the INTEGRAL or CONFIDENTIAL flag indicates that the use of SSL is required.