<?xml version="1.0" encoding="UTF-8"?><web-app xmlns="http://java.sun.com/xml/

1. <?xml version="1.0" encoding="UTF-8"?>
2. <web-app xmlns="http://java.sun.com/xml/ns/javaee"
3.         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4.         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
5.         version="3.0">
6.  
7.     <display-name>Groupon Fidelidade</display-name>
8.  
9.     <context-param>
10.         <param-name>primefaces.THEME</param-name>
11.         <param-value>none</param-value>
12.     </context-param>
13.  
14.     <!--Project Stage Level-->
15.     <context-param>
16.         <param-name>javax.faces.PROJECT_STAGE</param-name>
17.         <param-value>Development</param-value>
18.     </context-param>
19.  
20.     <!-- Welcome Page -->
21.     <welcome-file-list>
22.         <welcome-file>start.jsp</welcome-file>
23.     </welcome-file-list>
24.  
25.     <servlet>
26.         <servlet-name>Faces Servlet</servlet-name>
27.         <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
28.         <load-on-startup>1</load-on-startup>
29.     </servlet>
30.  
31.     <servlet-mapping>
32.         <servlet-name>Faces Servlet</servlet-name>
33.         <url-pattern>/faces/*</url-pattern>
34.     </servlet-mapping>
35.  
36.     <security-constraint>
37.         <web-resource-collection>
38.             <web-resource-name>Admin Area</web-resource-name>
39.             <url-pattern>/faces/admin/*</url-pattern>
40.         </web-resource-collection>
41.         <auth-constraint>
42.             <role-name>Administrator</role-name>
43.         </auth-constraint>
44.     </security-constraint>
45.  
46.     <security-constraint>
47.         <web-resource-collection>
48.             <web-resource-name>Manager Area</web-resource-name>
49.             <url-pattern>/faces/manager/*</url-pattern>
50.         </web-resource-collection>
51.         <auth-constraint>
52.             <role-name>Manager</role-name>
53.             <role-name>Administrator</role-name>
54.         </auth-constraint>
55.     </security-constraint>
56.  
57.     <security-constraint>
58.         <web-resource-collection>
59.             <web-resource-name>Operator Area</web-resource-name>
60.             <url-pattern>/faces/operator/*</url-pattern>
61.         </web-resource-collection>
62.         <auth-constraint>
63.             <role-name>Operator</role-name>
64.             <role-name>Manager</role-name>
65.             <role-name>Administrator</role-name>
66.         </auth-constraint>
67.     </security-constraint>
68.  
69.     <security-constraint>
70.         <web-resource-collection>
71.             <web-resource-name>Unrestricted Area</web-resource-name>
72.             <url-pattern>/faces/includes/*</url-pattern>
73.             <url-pattern>/faces/resources/*</url-pattern>
74.         </web-resource-collection>
75.     </security-constraint>
76.  
77.     <userName-config>
78.         <auth-method>FORM</auth-method>
79.         <realm-name>ReportRealm</realm-name>
80.         <form-userName-config>
81.             <form-userName-page>/faces/Login.xhtml</form-userName-page>
82.             <form-error-page>/faces/Login.xhtml</form-error-page>
83.         </form-userName-config>
84.     </userName-config>
85.  
86.     <security-role>
87.         <role-name>Administrator</role-name>
88.     </security-role>
89.     <security-role>
90.         <role-name>Manager</role-name>
91.     </security-role>
92.     <security-role>
93.         <role-name>Operator</role-name>
94.     </security-role>
95.  
96.     <error-page>
97.         <error-code>403</error-code>
98.         <location>/faces/AccessDenied.xhtml</location>
99.     </error-page>
100.  
101. </web-app>