template/WebContent/WEB-INF/web.xml - click - Git at Google

 <?xml version="1.0" encoding="ISO-8859-1"?>
 <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     version="2.4">

     <display-name>project-name</display-name>

     <!--
     Provides a web application performance filter which compresses the response
     and sets the Expires header on selected static resources.
     The "cachable-paths" init parameter tells the filter resources can have
     their Expires header set so the browser will cache them.
     -->
 	<filter>
 		<filter-name>PerformanceFilter</filter-name>
 		<filter-class>org.apache.click.extras.filter.PerformanceFilter</filter-class>
 		<init-param>
 			<param-name>cachable-paths</param-name>
  			<param-value>/assets/*</param-value>
 		</init-param>
 	</filter>

 	<filter-mapping>
 		<filter-name>PerformanceFilter</filter-name>
 		<servlet-name>ClickServlet</servlet-name>
 	</filter-mapping>

 	<filter-mapping>
 		<filter-name>PerformanceFilter</filter-name>
 		<url-pattern>*.css</url-pattern>
 	</filter-mapping>

 	<filter-mapping>
 		<filter-name>PerformanceFilter</filter-name>
 		<url-pattern>*.js</url-pattern>
 	</filter-mapping>

 	<filter-mapping>
 		<filter-name>PerformanceFilter</filter-name>
 		<url-pattern>*.png</url-pattern>
 	</filter-mapping>

 	<filter-mapping>
 		<filter-name>PerformanceFilter</filter-name>
 		<url-pattern>*.jpg</url-pattern>
 	</filter-mapping>

 	<servlet>
 		<servlet-name>ClickServlet</servlet-name>
 		<servlet-class>org.apache.click.ClickServlet</servlet-class>
   		<load-on-startup>0</load-on-startup>
 	</servlet>

 	<servlet-mapping>
 		<servlet-name>ClickServlet</servlet-name>
 		<url-pattern>*.htm</url-pattern>
 	</servlet-mapping>

 	<welcome-file-list>
  		<welcome-file>redirect.html</welcome-file>
 	</welcome-file-list>

 	<error-page>
         <error-code>403</error-code>
         <location>/not-authorized.htm</location>
     </error-page>

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>admin</web-resource-name>
             <url-pattern>/admin/*</url-pattern>
         </web-resource-collection>
         <auth-constraint>
             <role-name>admin</role-name>
         </auth-constraint>
     </security-constraint>

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>user</web-resource-name>
             <url-pattern>/user/*</url-pattern>
         </web-resource-collection>
         <auth-constraint>
             <role-name>user</role-name>
             <role-name>admin</role-name>
         </auth-constraint>
     </security-constraint>

     <login-config>
         <auth-method>FORM</auth-method>
         <realm-name>Secure Zone</realm-name>
         <form-login-config>
             <form-login-page>/login.htm</form-login-page>
             <form-error-page>/login.htm?auth-error=true</form-error-page>
         </form-login-config>
     </login-config>

     <security-role>
     	<description>admin role - for convenience using existing Tomcat roles</description>
         <role-name>admin</role-name>
     </security-role>

     <security-role>
     	<description>user role - for convenience using existing Tomcat roles</description>
         <role-name>user</role-name>
     </security-role>

 </web-app>
	<?xml version="1.0" encoding="ISO-8859-1"?>
	<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	version="2.4">

	<display-name>project-name</display-name>

	<!--
	Provides a web application performance filter which compresses the response
	and sets the Expires header on selected static resources.
	The "cachable-paths" init parameter tells the filter resources can have
	their Expires header set so the browser will cache them.
	-->
	<filter>
	<filter-name>PerformanceFilter</filter-name>
	<filter-class>org.apache.click.extras.filter.PerformanceFilter</filter-class>
	<init-param>
	<param-name>cachable-paths</param-name>
	<param-value>/assets/*</param-value>
	</init-param>
	</filter>

	<filter-mapping>
	<filter-name>PerformanceFilter</filter-name>
	<servlet-name>ClickServlet</servlet-name>
	</filter-mapping>

	<filter-mapping>
	<filter-name>PerformanceFilter</filter-name>
	<url-pattern>*.css</url-pattern>
	</filter-mapping>

	<filter-mapping>
	<filter-name>PerformanceFilter</filter-name>
	<url-pattern>*.js</url-pattern>
	</filter-mapping>

	<filter-mapping>
	<filter-name>PerformanceFilter</filter-name>
	<url-pattern>*.png</url-pattern>
	</filter-mapping>

	<filter-mapping>
	<filter-name>PerformanceFilter</filter-name>
	<url-pattern>*.jpg</url-pattern>
	</filter-mapping>

	<servlet>
	<servlet-name>ClickServlet</servlet-name>
	<servlet-class>org.apache.click.ClickServlet</servlet-class>
	<load-on-startup>0</load-on-startup>
	</servlet>

	<servlet-mapping>
	<servlet-name>ClickServlet</servlet-name>
	<url-pattern>*.htm</url-pattern>
	</servlet-mapping>

	<welcome-file-list>
	<welcome-file>redirect.html</welcome-file>
	</welcome-file-list>

	<error-page>
	<error-code>403</error-code>
	<location>/not-authorized.htm</location>
	</error-page>

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>admin</web-resource-name>
	<url-pattern>/admin/*</url-pattern>
	</web-resource-collection>
	<auth-constraint>
	<role-name>admin</role-name>
	</auth-constraint>
	</security-constraint>

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>user</web-resource-name>
	<url-pattern>/user/*</url-pattern>
	</web-resource-collection>
	<auth-constraint>
	<role-name>user</role-name>
	<role-name>admin</role-name>
	</auth-constraint>
	</security-constraint>

	<login-config>
	<auth-method>FORM</auth-method>
	<realm-name>Secure Zone</realm-name>
	<form-login-config>
	<form-login-page>/login.htm</form-login-page>
	<form-error-page>/login.htm?auth-error=true</form-error-page>
	</form-login-config>
	</login-config>

	<security-role>
	<description>admin role - for convenience using existing Tomcat roles</description>
	<role-name>admin</role-name>
	</security-role>

	<security-role>
	<description>user role - for convenience using existing Tomcat roles</description>
	<role-name>user</role-name>
	</security-role>

	</web-app>