tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Emenaker" <...@emenaker.com>
Subject Re: admin user/password
Date Tue, 24 Oct 2000 22:04:57 GMT


> Hello,
> How do I determine/change/etc. the username and password for the /admin
> security context? I've tried the username/passwords from the
> tomcat-users.xml file, but these must relate to something else.

I don't know why nobody talks about this. I've seen numerous postings from
people trying to find out the name/password and all of the posts go,
curiously, unanswered.

Since I haven't yet been brought into the conspiracy of silence on this
matter, I'll tell you what I've found out so far.

Your tomcat-users.xml file seems to define the users that tomcat will know
*how* to authenticate. It also defines the "roles" that they're allowed to
participate in. The stock file, I believe, comes with three users ("tomcat",
"role1", and "both") and two roles ("tomcat" and "role1").

Then, in your web.xml in your admin directory, you should find a section
called "auth-constraint". This lists the roles that are allowed to use that
webapp. In my stock tomcat installation, the only role listed was "admin", a
role that WASN'T EVEN LISTED in tomcat-users.xml.

So, it would seem that there's no way to get into the admin webapp in the
default installation.

What bugs me is that, if you enter a valid username/password combination,
tomcat gives no indication that they're valid... it behaves as though the
name/password are invalid. I would have expected that it would come up with
a page that said that I didn't have the appropriate rights for that webapp
or something. Oh well....

Anyway, what I ended up doing to get it to work was to add a
<role-name>tomcat</role-name> in the auth-constraint section of the admin
web.xml. Then, I was able to log in as "tomcat"/"tomcat".

Now, lets see if you can help ME. When I go into the contextAdmin servlet
and click on "View All Contexts", I get:

    java.lang.NullPointerException:
        at ContextAdmin.init(ContextAdmin.java:46)
        ....

What do you get?

- Joe



Mime
View raw message