<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Member</role-name>
</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-link>NormUser</role-link>
</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>NormUser</role-name>
</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-link>NormUser</role-link>
</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Member</role-name>
</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>POSTPermission</web-resource-name>
<url-pattern>/board/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>NormUser</role-name>
</auth-constraint>
</security-constraint>