0 Replies Latest reply on Aug 4, 2005 6:31 AM by claus.seitter

    Tomcat's Manager Servlet: Help needed

    claus.seitter
    claus.seitter Aug 4, 2005 6:31 AM

      Well, I finally got it running but only without security constraints. If I put security-constraints in my manager.war/WEB-INF/web.xml my logons are not accepted, looks like JAAS Domain is messed up. I really like that manager servlet, best of it deplying from my developers machine my local war file up to the server.

      Here come excerpts of my config files:

      login-config.xml:

      <application-policy name = "manager">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
 flag = "required">
 <module-option name="usersProperties">tomcat-users.properties</module-option>
 <module-option name="rolesProperties">tomcat-roles.properties</module-option>
 </login-module>

      context.xml: 
      <Context path="/manager"
 docBase="manager"
 debug="99"
 privileged="true"
 reloadable="true"
 override="true">
 <Realm appName="manager"
 debug="99"
 className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
 certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
 />
 <Logger className="org.jboss.web.tomcat.Log4jLogger"
 verbosityLevel="DEBUG"
 prefix="manager"
 suffix=".txt"
 category="org.jboss.web.localhost.Engine"
 />
</Context>

      jboss-web.xml: 
      <jboss-web>
 <security-domain>java:/jaas/manager</security-domain>
</jboss-web>

      web.xml: 

       <!-- Define a Security Constraint on this Application -->
 <!-- security-constraint>
 <web-resource-collection>
 <web-resource-name>manager</web-resource-name>
 <url-pattern>/jmxproxy/*</url-pattern>
 <url-pattern>/html/*</url-pattern>
 <url-pattern>/list</url-pattern>
 <url-pattern>/sessions</url-pattern>
 <url-pattern>/start</url-pattern>
 <url-pattern>/stop</url-pattern>
 <url-pattern>/install</url-pattern>
 <url-pattern>/remove</url-pattern>
 <url-pattern>/deploy</url-pattern>
 <url-pattern>/undeploy</url-pattern>
 <url-pattern>/reload</url-pattern>
 <url-pattern>/save</url-pattern>
 <url-pattern>/serverinfo</url-pattern>
 <url-pattern>/status/*</url-pattern>
 <url-pattern>/roles</url-pattern>
 <url-pattern>/resources</url-pattern>
 </web-resource-collection>

 <auth-constraint>
 <role-name>tommanager</role-name>
 </auth-constraint>
 </security-constraint -->

 <!-- Define the Login Configuration for this Application -->

 <login-config>
 <auth-method>BASIC</auth-method>
 <realm-name>manager</realm-name>
 </login-config>

 <!-- Security roles referenced by this web application -->

 <security-role>
 <description>
 The role that is required to log in to the Manager Application
 </description>
 <role-name>tommanager</role-name>
 </security-role>


      • 2631 Views
      • Tags: