Tuesday, 20 August 2013

Tomcat7 403 - Access to the requested resource has been denied

Tomcat7 403 - Access to the requested resource has been denied

I'm writing some code to practice securing a servlet in the deployment
descriptor, and I'm getting the following in the browser:
HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource has been forbidden.
Apache Tomcat/7.0.42
Any thoughts as to what I'm doing wrong? I've done some searching through
prior posts, and it seems as though there may have been updates to the
role names in Tomcat 7 - I've played with this, but with no success so
far. (Code below).
Thanks, Jeff
web.xml
<?xml version="1.0" ?>
<!--
  Deployment descriptor (Servlet 2.4 schema) for the CheckedServlet exercise.
  It declares one servlet, maps it to /CheckedServlet, protects that URL with a
  security constraint and declares the single role "manager".

  NOTE(review): this listing contains no <login-config> element. Without one the
  container is given no authentication method (BASIC, FORM, ...) with which to
  challenge the caller, so nobody can ever satisfy the auth-constraint below;
  on Tomcat this is expected to surface as the 403 quoted above. Confirm
  against the running server.
  NOTE(review): the assignment of users to the "manager" role is not part of
  this file; it is held by whatever realm the container uses. Verify that a
  user with that role exists there.
  NOTE(review): the closing web-app tag is not shown in this listing.
-->
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
<servlet-name>CheckedServlet</servlet-name>
<servlet-class>webcert.ch05.ex0502J.CheckedServlet</servlet-class>
<!-- Maps the role name the servlet code tests for ("MGR") onto the role
     declared in this descriptor ("manager"). -->
<security-role-ref>
<role-name>MGR</role-name>
<role-link>manager</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>CheckedServlet</servlet-name>
<url-pattern>/CheckedServlet</url-pattern>
</servlet-mapping>
<security-constraint>
<!-- No http-method elements are listed, so the constraint covers every HTTP
     method sent to this URL pattern. -->
<web-resource-collection>
<web-resource-name>CheckedServletConstraint</web-resource-name>
<url-pattern>/CheckedServlet</url-pattern>
</web-resource-collection>
<!-- In a 2.4 descriptor "*" stands for all roles declared in this file, which
     here is only "manager"; the caller must be authenticated and hold it. -->
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<!-- No user-data-constraint is declared, so the container is not asked to
     require a confidential (HTTPS) transport for this URL. Worth adding before
     credentials are sent to it. -->
</security-constraint>
<security-role>
<role-name>manager</role-name>
</security-role>
CheckedServlet.java
package webcert.ch05.ex0502J;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.security.*;
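/**
 * Practice servlet that reports the caller's authentication state and role.
 *
 * <p>Access control for the URL itself is declared in the deployment
 * descriptor; this class only reads what the container established:
 * the authenticated principal and membership in the role reference
 * {@code "MGR"}.
 */
public class CheckedServlet extends HttpServlet {

    /** Role reference name tested with {@code isUserInRole}. */
    private static final String MANAGER_ROLE_REF = "MGR";

    /**
     * Handles POST exactly like GET.
     *
     * @param request  the current request
     * @param response the response to write the page to
     * @throws ServletException propagated from {@link #doGet}
     * @throws IOException      if writing the response fails
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

    /**
     * Writes a small HTML page stating whether a principal is present and,
     * when the caller is in the {@code "MGR"} role, an extra line of text.
     *
     * @param request  the current request
     * @param response the response to write the page to
     * @throws ServletException declared by the servlet API; not thrown here
     * @throws IOException      if the response writer cannot be obtained
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();
        out.write("<html><head><title>CheckedServlet</title></head><body>");

        Principal user = request.getUserPrincipal();
        if (user == null) {
            // The original dereferenced a null principal here and failed with a
            // NullPointerException; an unauthenticated caller has no name to show.
            out.write("<br>Access denied. No authenticated principal.");
        } else {
            // The name originates from the login exchange, so it is escaped
            // before being placed into the HTML response.
            out.write("<br>Access granted. Principal name is " + escapeHtml(user.getName()));
        }
        out.write("<br>If authorized, you should see some more text below:");

        // The page content is gated by role, not merely by being authenticated.
        if (request.isUserInRole(MANAGER_ROLE_REF)) {
            out.write("<br>Here's some super secret extra text since your "
                    + "role is manager.");
        }

        out.write("</body></html>");
        out.flush();
        out.close();
    }

    /** Replaces the HTML metacharacters in {@code text}; null becomes an empty string. */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuilder escaped = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }
}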
