Tomcat's Manager Servlet: Help needed
claus.seitter Aug 4, 2005 6:31 AMWell, I finally got it running but only without security constraints. If I put security-constraints in my manager.war/WEB-INF/web.xml my logons are not accepted, looks like JAAS Domain is messed up. I really like that manager servlet, best of it deplying from my developers machine my local war file up to the server.
Here come excerpts of my config files:
login-config.xml:
<application-policy name = "manager"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required"> <module-option name="usersProperties">tomcat-users.properties</module-option> <module-option name="rolesProperties">tomcat-roles.properties</module-option> </login-module>
context.xml:
<Context path="/manager" docBase="manager" debug="99" privileged="true" reloadable="true" override="true"> <Realm appName="manager" debug="99" className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping" /> <Logger className="org.jboss.web.tomcat.Log4jLogger" verbosityLevel="DEBUG" prefix="manager" suffix=".txt" category="org.jboss.web.localhost.Engine" /> </Context>
jboss-web.xml:
<jboss-web> <security-domain>java:/jaas/manager</security-domain> </jboss-web>
web.xml:
<!-- Define a Security Constraint on this Application --> <!-- security-constraint> <web-resource-collection> <web-resource-name>manager</web-resource-name> <url-pattern>/jmxproxy/*</url-pattern> <url-pattern>/html/*</url-pattern> <url-pattern>/list</url-pattern> <url-pattern>/sessions</url-pattern> <url-pattern>/start</url-pattern> <url-pattern>/stop</url-pattern> <url-pattern>/install</url-pattern> <url-pattern>/remove</url-pattern> <url-pattern>/deploy</url-pattern> <url-pattern>/undeploy</url-pattern> <url-pattern>/reload</url-pattern> <url-pattern>/save</url-pattern> <url-pattern>/serverinfo</url-pattern> <url-pattern>/status/*</url-pattern> <url-pattern>/roles</url-pattern> <url-pattern>/resources</url-pattern> </web-resource-collection> <auth-constraint> <role-name>tommanager</role-name> </auth-constraint> </security-constraint --> <!-- Define the Login Configuration for this Application --> <login-config> <auth-method>BASIC</auth-method> <realm-name>manager</realm-name> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to the Manager Application </description> <role-name>tommanager</role-name> </security-role>