This is really a servlet container question, rather than being JBoss specific. However, you would set your security constraint in the web.xml:
Read further on web application web.xml configuration. Additionally, you will need to configure Jetty for SSL. See this FAQ:
http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t= also see http://jetty.mortbay.org for the definitive information on Jetty configuration.