Is security-constraint configuration for Tomcat mandatory?

Question

In order to do an SSL Configuration testing under Tomcat, is this all mandatory?

This below line is taken from a website:

In order to do this

Answer 1

If you check closer, the blog explains that further:

Any resource in your application can be accessed only with HTTPS be it Servlets or JSP’s. The term CONFIDENTIAL is the term which tells the server to make the application work on SSL. If you want to turn the SSL mode for this application off then just turn don’t delete the fragment. Just put the value as NONE instead of CONFIDENTIAL.