It would be quite unsafe to ship Tomcat with default settings that allowed anyone on the Internet to execute the Manager application on your server. Therefore, the Manager application is shipped with the requirement that anyone who attempts to use it must authenticate themselves, using a username and password that have the role manager associated with them. Further, there is no username in the default users file ($CATALINA_HOME/conf/tomcat-users.xml) that is assigned this role. Therefore, access to the Manager application is completely disabled by default.
To enable access to the Manager web application, you must either create a new username/password combination and associate the role name manager with it, or add the manager role to some existing username/password combination. Exactly where this is done depends on which Realm implementation you are using:
* MemoryRealm - If you have not customized your $CATALINA_HOME/conf/server.xml to select a different one, Tomcat 5 defaults to an XML-format file stored at $CATALINA_HOME/conf/tomcat-users.xml, which can be edited with any text editor. This file contains an XML
for each individual user, which might look something like this:
which defines the username and password used by this individual to log on, and the role names he or she is associated with. You can add the manager role to the comma-delimited roles attribute for one or more existing users, and/or create new users with that assigned role.
No comments:
Post a Comment