What is securing a java web application using annotations tutorial? What is the tomcat-users.xml file used for? Is the web.xml file needed when using annotations for configuring security for a web application? Can the authentication method for a web application be specified using annotations? What is the WebServlet annotation? What is the ServletSecurity annotation? What is the HttpConstraint annotation? How are the names of the roles authorized to access a web application specified when using annotations? What packages need to be imported when using annotation in a java web application?