web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
	version="3.1">
	<display-name>MoyaTerminalWeb</display-name>
	<context-param>
		<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
		<param-value>true</param-value>
	</context-param>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
		<welcome-file>index.jsf</welcome-file>
	</welcome-file-list>
	<session-config>
		<session-timeout>30</session-timeout>
	</session-config>



	<servlet>
		<servlet-name>Faces Servlet</servlet-name>
		<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet-mapping>
		<servlet-name>Faces Servlet</servlet-name>
		<url-pattern>*.jsf</url-pattern>
	</servlet-mapping>
	<context-param>
		<param-name>javax.faces.PROJECT_STAGE</param-name>
		<param-value>Development</param-value>
	</context-param>
	<context-param>
		<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
		<param-value>true</param-value>
	</context-param>
	<login-config>
		<auth-method>CLIENT-CERT</auth-method>
		<realm-name>certificate</realm-name>
	</login-config>
	<security-constraint>
		<display-name>Forbidden resource</display-name>
		<web-resource-collection>
			<web-resource-name>Forbidden</web-resource-name>
			<url-pattern>*.xhtml</url-pattern>
			<url-pattern>/layout/*</url-pattern>
			<url-pattern>/resources/tools/*</url-pattern>
		</web-resource-collection>
		<auth-constraint>
			<description>Thou shall not read the sources or use utils directly
			</description>
		</auth-constraint>
		<user-data-constraint>
			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
		</user-data-constraint>
	</security-constraint>
	<security-constraint>
		<display-name>Resource that needs cert auth</display-name>
		<web-resource-collection>
			<web-resource-name>Forbidden</web-resource-name>
			<url-pattern>/info/*</url-pattern>
		</web-resource-collection>
		<auth-constraint>
			<role-name>TERMINAL/INFO</role-name>
		</auth-constraint>
		<user-data-constraint>
			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
		</user-data-constraint>
	</security-constraint>
	<persistence-unit-ref>
		<persistence-unit-ref-name>BortalEMF</persistence-unit-ref-name>
	</persistence-unit-ref>
</web-app>