1. Update web.xml to contain the follwing security constraints(s)
<security-constraint>
<web-resource-collection>
<web-resource-name>
Secure Website Section
</web-resource-name>
<description>
Security constraint for resources in the some/directory
</description>
<url-pattern>/some/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<user-data-constraint>
<description>SSL required</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
2. Add the following attribute to the HTTP connector in server.xml:
