Sumedha,
I think you are confused here. <security-role> is where you declare your roles in your web-app.
< security-role> < role-name>Admin</role-name> </ security-role>
< security-role><role-name>Member</role-name> < /security-role>
< security-role><role-name>Guest</role-name> </ security-role>
From your <security-role-ref> you will map what ever you use in your isUserInRole("") to one of the roles mentioned above. If you closely look at the tags from the page you are citing you will find a </serlet> closing tag.
Hope this helps.