Tomcat Users

Apache Tomcat configuration is enabled in four different files: 1. User-connectivity.properties located in Ephesoft Installation FolderApplicationWEB-INFclassesMETA-INFdcma-user-connectivityuser-connectivity.properties This file contains the settings necessary to populate groups’ names in Ephesoft Batch Class Management. Tomcat users are defined in the file – $TOMCATHOME/conf/tomcat-users.xml, by default, there is NO user, it means no one can access the Tomcat manager page. To enable users to access the Tomcat manager page, add a user as the role manager-gui.

Tomcat Users Xml Example

posted 13 years ago
  • Optional 'thank-you' note:
Is it possible reread tomcat-users.xml without restarting tomcat?
While using 'Tomcat Administrative Tool' I found that I can update the roles of a non-admin user to include admin and could loging successfully.
While the same thing doesn't work in my web apps.
I would like to know how this can be achieved.
Usersposted 13 years ago
  • Optional 'thank-you' note:
Duplicate of:
Did you see the answer in your first post?
If so, and you have follow up questions, it would be better to post to that thread than to start another.

Download Netbeans

Tomcat Users Location

Download Netbeans to your local computer. Be sure to download aversion of Netbeans that includes Tomcat. The labs are still using NetBeans 8.2, so thatis the one I recommend that you download to your computer. NetBeans is transitioning from Oracle to Apache. For now, we will stay with the last, stable, Oracle release.

If you have already installed Netbeans and did not install the Web version or thefull version, then download either of those versions and reinstall. Netbeans will upgrade your current installation.


Editing tomcat-users.xml

All web applications that are deployed to my Tomcat server on ocelot mustuse the secure web.xml file, which only allows access to your web applicationsto you and me. In order to make it easy to develop locally and deploy remotely,it is necessary to set up your local Tomcat server that Netbeans is using, so that italso restricts access to your web applications.

Before you can edit the tomcat-users file, you must run a web application in NetBeans. Once a web application is run, then Tomcat will create many files and folders, including the tomcat-users file.

Edit the tomcat-users.xml file. This is the file thatidentifies the users and their roles in Netbeans. Some roles arepredefined by Tomcat: manager and admin. These roles give access to the adminand manager applications. Other roles can be created and then used to restrictaccess to resources. Each user name is assigned various roles.

To edit the tomcat-users.xml file:

Tomcat users xml manager gui
  1. Click Tools -> Servers
  2. Copy the path of the Catalina Base folder (not the Catalina Home folder) and close the dialog window.
  3. Click File -> Open File
  4. Paste the path to the Catalina Base folder in the File Name box and hit Enter.
  5. Change to the conf sub-folder.
  6. Open tomcat-users.xml

You have a copy of tomcat-users.xml in your local directory. You have theability to edit this file to configure who has access to your web applications.

  1. After the last role in the file, add a role for your user name
    <role rolename='your-user-name' />
  2. After the last user in the file, add a user for your user name
    <user username='your-user-name'
    roles='your-user-name,manager,manager-script,manager-gui' />

Refer to this example of a tomcat-users file. Anything between an opening <!-- and --> is a comment.

  1. Do not remove the user entry for ide. It is the username that Netbeans uses to manage your web applications.
  2. Add the role before any user tags.
  3. Be sure all the tags are before the closing <tomcat-users> tag.

Restart tomcat after modifying the tomcat users file. Go to the Services tab, select Servers, Select Tomcat, right-click and choose restart.

Using the secure web.xml file

Newer versions of NetBeans do not add a web.xml to the web application, automatically. To add a web.xml to your web app, select File -> New File -> Web -> Standard Deployment Descriptor (web.xml).

The final step is to use the secure web.xml file for your web appilcation. When you run the application, it will force you to log in, using the tomcat passwordthat I sent to you. Once this is done, you will be able to deploy your webapplication to ocelot without having to change it.

Don't forget to edit the secure web.xml file and change all occurences of your-user-namewith your PantherMail username.