tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <>
Subject RE: virtual hosts and tomcat-users.xml
Date Wed, 29 Apr 2009 00:12:36 GMT

the webapplication web.xml can reference previously defined Resources (UserDatabase) as here
      Link to the UserDatabase instance from which we request lists of
      defined role names.  Typically, this will be connected to the global
      user database with a ResourceLink element in server.xml or the context
      configuration file for the Manager web application.

Here is the applicable UserDatabase which can be configured in $TOMCAT_HOME/conf/server.xml
 <Resource name="UserDatabase" auth="Container"
              description="User database that can be updated and saved"
              pathname="conf/tomcat-users.xml" />
//pathname can point to any user defined xml
<?xml version='1.0' encoding='utf-8'?>
  <role rolename="role1"/>
  <user username="role1" password="tomcat" roles="role1"/>

Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de déni et de
This message is confidential. If you should not be the intended receiver, then we ask politely
to report. Each unauthorized forwarding or manufacturing of a copy is inadmissible. This message
serves only for the exchange of information and has no legal binding effect. Due to the easy
manipulation of emails we cannot take responsibility over the the contents.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire
prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe
quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les
email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune
responsabilité pour le contenu fourni.

> Date: Tue, 28 Apr 2009 15:10:02 -0700
> Subject: virtual hosts and tomcat-users.xml
> From:
> To:
> I am setting up a handful of virtual hosts on a server, and I have the
> manager app configured as per the docs. How do I configure the
> security for the manager app such that each virtual host has its own
> tomcat-users.xml though, so that the credentials of one virtual host
> can't be used log on to the manager of another?
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Windows Live™ Hotmail®:…more than just e-mail.
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message