	<security-constraint>
		<web-resource-collection>
			<web-resource-name>Protected JSP Area</web-resource-name>
			<url-pattern>/jsp/*</url-pattern>
			<url-pattern>/filetemp/*</url-pattern>
			<url-pattern>/help/*</url-pattern>
			<url-pattern>/report/*</url-pattern>
			<url-pattern>/webdav/filetemp/*</url-pattern>
			<http-method>DELETE</http-method>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
			<http-method>PUT</http-method>
		</web-resource-collection>
		<auth-constraint>
			<role-name>*</role-name>
		</auth-constraint>
<!--
		<user-data-constraint>
			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
		</user-data-constraint>
-->
	</security-constraint>