tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <Craig.McClana...@eng.sun.com>
Subject Re: password and login to admin context
Date Fri, 01 Dec 2000 20:07:41 GMT
David Bussenschutt wrote:

> Ignore my previous mail, I just saw an earlier mail stating that it was a
> known bug that is fixed in 3.2 final. I guess I'll upgrade and try again.
>

It didn't make the docs in the last-minute rush, but there are two things you need
to do if you want to use the administration app under Tomcat 3.2:

* In "$TOMCAT_HOME/conf/server.xml", change the
  entry for the administration application so that it says

        trusted="true"

* Create one or more users who have a role "admin"
  assigned to them.  (The username and password
  do not matter).  For the default realm, that means
  editing file $TOMCAT_HOME/conf/tomcat-users.xml
  and restarting Tomcat.

We didn't want people unknowingly exposing their servers to remote attack, so the
server administrator must take these deliberate steps to make administration
available.


>
> David.
>

Craig McClanahan



Mime
View raw message