tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Turner, John" <JTur...@AAS.com>
Subject RE: Error 500 when trying to run /manager app.
Date Thu, 20 Feb 2003 16:24:38 GMT

Yes, it applies to 4.0.x:
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/manager-howto.html
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html

Sorry, I'm really not clear what you are asking. The manager docs
specifically state that you must manually add a role of "manager" to any
username that wishes to access the manager app (and likewise, "admin" to
access the admin app).  Shipping Tomcat with a default username with the
role of "manager" already added for you is insecure.

John

> -----Original Message-----
> From: Andoni [mailto:andoni@indigo.ie]
> Sent: Thursday, February 20, 2003 11:16 AM
> To: Tomcat Users List
> Subject: Re: Error 500 when trying to run /manager app.
> 
> 
> I don't see the <role> tag documented anywhere.  Sorry if I missed it.
> 
> It is included in the book I have but all the docs on the 
> site seem to have
> tomcat-users.xml files without it.
> 
> I have just included it in my tomcat 4.0.4 server and now it 
> won't start
> java apps so I'm going to try removing it again.
> 
> Please let me know if it applies to 4.0.x anyway.
> 
> Andoni.
> 
> 
> ----- Original Message -----
> From: "Turner, John" <JTurner@AAS.com>
> To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
> Sent: Thursday, February 20, 2003 3:57 PM
> Subject: RE: Error 500 when trying to run /manager app.
> 
> 
> >
> > See "MemoryRealm":
> >
> > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html
> >
> > John
> >
> >
> > > -----Original Message-----
> > > From: Andoni [mailto:andoni@indigo.ie]
> > > Sent: Thursday, February 20, 2003 10:57 AM
> > > To: Tomcat Users List
> > > Subject: Re: Error 500 when trying to run /manager app.
> > >
> > >
> > > Where is this "role" tag documented?
> > >
> > > I don't see it anywhere in the docs.  I have the app. 
> appearing on the
> > > screen now and I am about to start testing it but I have not
> > > installed any
> > > "role" tags and there are none in the file.  Are they
> > > necessary?  What do
> > > they do?
> > >
> > > Andoni.
> > > ----- Original Message -----
> > > From: "Roberts, Eric" <Eric.Roberts@one.at>
> > > To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> > > Sent: Thursday, February 20, 2003 3:39 PM
> > > Subject: RE: Error 500 when trying to run /manager app.
> > >
> > >
> > > Add the role as well
> > >
> > > <?xml version='1.0' encoding='utf-8'?>
> > > <tomcat-users>
> > >   <role rolename="tomcat"/>
> > >   <role rolename="role1"/>
> > >   <role rolename="manager"/>
> > >   <role rolename="admin"/>
> > >   <user username="tomcat" password="tomcat" roles="tomcat"/>
> > >   <user username="both" password="tomcat" roles="tomcat,role1"/>
> > >   <user username="role1" password="tomcat" roles="role1"/>
> > >   <user username="admin" password="admin"
> > > roles="admin,manager,role1,tomcat"/>
> > > </tomcat-users>
> > >
> > >
> > > -----Original Message-----
> > > From: Andoni [mailto:andoni@indigo.ie]
> > > Sent: Donnerstag, 20. Februar 2003 13:15
> > > To: Tomcat Users List
> > > Subject: Error 500 when trying to run /manager app.
> > >
> > >
> > > Hello,
> > >
> > > I am getting an error 500
> > > ServletException
> > > Root Cause:
> > > java.lang.SecurityException: Servlet of class
> > > org.apache.catalina.servlets.ManagerServlet is privileged and
> > > cannot be
> > > loaded by this web application
> > >
> > > Is this because I am using the wrong username / password?
> > >
> > > I have gone to tomcat-users.xml and it looks like:
> > > <tomcat-users>
> > >   <user name="tomcat" password="tomcat" roles="tomcat" />
> > >   <user name="administrator" password="password" 
> roles="manager" />
> > >   <user name="role1"  password="tomcat" roles="role1"  />
> > >   <user name="both"   password="tomcat" roles="tomcat,role1" />
> > > </tomcat-users>
> > >
> > >
> > > I am trying to log in as the "administrator" user that I added.
> > >
> > > What else do I have to do?
> > >
> > > Andoni.
> > >
> > >
> > > 
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: 
> tomcat-user-help@jakarta.apache.org
> > >
> > >
> > > 
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: 
> tomcat-user-help@jakarta.apache.org
> > >
> > >
> > >
> > > 
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: 
> tomcat-user-help@jakarta.apache.org
> > >
> >
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message