tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian K. Quade" <>
Subject web site security and users/passwords
Date Sat, 22 Feb 2003 17:02:13 GMT
I have been testing web site security on my test server at home and I 
can authenticate users just fine.  But the only way I can add and remove 
users is to add and remove them in tomcat-users.xml.  But that file is 
owned by the server, so whenever I put my web application out on a host 
server, I won't be able to edit their tomcat-users.xml.  This seems like 
a major design flaw.  Is there any way to administer users from within 
the directory of my own web application and still take advantage of the 
build in web security features of tomcat?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message