<web-app>
  <display-name>Przykad podstawowego uwierzytelniania</display-name>

  <servlet>
    <servlet-name>AxisServletProtected</servlet-name>
    <display-name>Apache-Axis Servlet</display-name>
    <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>AxisServletProtected</servlet-name>
      <url-pattern>services/protected</url-pattern>
    </servlet-mapping>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <!-- Definiujemy chronione adresy URL (wzgldnie wobec kontekstu) -->
      <url-pattern>/services/protected</url-pattern>
      <!-- Jeeli wymienisz metody http, to tylko one bd chronione -->
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <!-- Kady wystpujcy w jednej z niej wymienionych rl moe korzysta z tych zasobw -->
      <role-name>MyCustomer</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Protected Area</realm-name>
  </login-config>
</web-app>
