When used inside <security-roles>, this tag lists a single role name which is used by the application.
When used inside <auth-constraint>, this tag lists a single role which is allowed access the area defined by the <security-constraint>.