Hi Chgrimm,
I got working with the attached files you have given. But the thing is that I was able to restrict only jsps and not the servlet. in your login.war's web-inf directory I created my CLASSES directory and placed my servlet classes under the packge servlets under CLASSES. So was getting confused what directory name should i restrict in <url-pattern> tag in order to secure the servlet. Following is the directory structure given by you.

LOGINTEST.WAR
|--META-INF
|--RESTRICTED(restricted jsps here)
|--WEB-INF(web.xml & jboss.xml here)
|-- CLASSES
|-- SERVLETS(Here are my servlet class files)

Awaiting your reply.
Thanks & Regards
Sanjay