tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <>
Subject RE: Tomcat Manager roles
Date Thu, 28 Oct 2004 15:14:53 GMT

You can define different Realms for the Manager, as you need.  You can
do so per Host or even per Manager webapp inside its Context.  It's
actually pretty easy.  They can be Memory Realms driven from any file
you want, or any other kind of Realm.

Yoav Shapira

>-----Original Message-----
>From: Robert Humble [mailto:humbler@AGR.GC.CA]
>Sent: Thursday, October 28, 2004 10:38 AM
>To: Tomcat Users List
>Subject: Tomcat Manager roles
>I have setup multiple Manager's and can isolate the apps. The problem
>the tomcat-users.xml file. Both version of the manager use the same
>tomcat-users.xml. The one that was last defined for permission. So when
>I give the developer's access to one manager they can just change the
>port and access the other apps as well. Is there anyway other than
>running totally separate tomcat version to give the developer's access
>to only there app.
>           Thanks
>              Robert
>Hi, I would like to be able to limit the access in Tomcat manager. I
>would like to be able to setup a user account that is able to start,
>stop and remove the examples application, but only the example
>application. The problem is that when I give a user the role manager
>they have access to shutdown and start all the other application. How
>would I set it up so that they can only use the commands for the app
>they are responsible for?
>Here's one idea.  The Manager webapp is designed to manage all apps in
>one Host, for better or worse.  So if you want to have it manage only
>one app, put that app AND the Manager webapp (or a copy of it) in that
>Host.  That means defining multiple Hosts in server.xml, each with its
>own appBase, and moving your webapps around as needed.  It's not a big
>deal, doesn't require any coding.
>To unsubscribe, e-mail:
>For additional commands, e-mail:

This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message