Apply web content security constraints
Example 1.6, “ web.xml descriptor fragment� indicates that any URL lying under the web application's /restricted path requires an AuthorizedUser role. There is no required transport guarantee and the authentication method used for obtaining the user identity is BASIC HTTP authentication. Example 1.6. web.xml descriptor fragment Secure Content /restricted/* AuthorizedUser NONE BASIC The Restricted Zone The role required to access restricted content AuthorizedUser