0 Replies Latest reply on Aug 4, 2005 6:31 AM by claus seitter

    Tomcat's Manager Servlet: Help needed

    claus seitter Newbie

      Well, I finally got it running but only without security constraints. If I put security-constraints in my manager.war/WEB-INF/web.xml my logons are not accepted, looks like JAAS Domain is messed up. I really like that manager servlet, best of it deplying from my developers machine my local war file up to the server.

      Here come excerpts of my config files:

      login-config.xml:

      <application-policy name = "manager">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required">
       <module-option name="usersProperties">tomcat-users.properties</module-option>
       <module-option name="rolesProperties">tomcat-roles.properties</module-option>
       </login-module>
      
      

      context.xml:
      <Context path="/manager"
       docBase="manager"
       debug="99"
       privileged="true"
       reloadable="true"
       override="true">
       <Realm appName="manager"
       debug="99"
       className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
       certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
       />
       <Logger className="org.jboss.web.tomcat.Log4jLogger"
       verbosityLevel="DEBUG"
       prefix="manager"
       suffix=".txt"
       category="org.jboss.web.localhost.Engine"
       />
      </Context>
      
      

      jboss-web.xml:
      <jboss-web>
       <security-domain>java:/jaas/manager</security-domain>
      </jboss-web>
      

      web.xml:

       <!-- Define a Security Constraint on this Application -->
       <!-- security-constraint>
       <web-resource-collection>
       <web-resource-name>manager</web-resource-name>
       <url-pattern>/jmxproxy/*</url-pattern>
       <url-pattern>/html/*</url-pattern>
       <url-pattern>/list</url-pattern>
       <url-pattern>/sessions</url-pattern>
       <url-pattern>/start</url-pattern>
       <url-pattern>/stop</url-pattern>
       <url-pattern>/install</url-pattern>
       <url-pattern>/remove</url-pattern>
       <url-pattern>/deploy</url-pattern>
       <url-pattern>/undeploy</url-pattern>
       <url-pattern>/reload</url-pattern>
       <url-pattern>/save</url-pattern>
       <url-pattern>/serverinfo</url-pattern>
       <url-pattern>/status/*</url-pattern>
       <url-pattern>/roles</url-pattern>
       <url-pattern>/resources</url-pattern>
       </web-resource-collection>
      
       <auth-constraint>
       <role-name>tommanager</role-name>
       </auth-constraint>
       </security-constraint -->
      
       <!-- Define the Login Configuration for this Application -->
      
       <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>manager</realm-name>
       </login-config>
      
       <!-- Security roles referenced by this web application -->
      
       <security-role>
       <description>
       The role that is required to log in to the Manager Application
       </description>
       <role-name>tommanager</role-name>
       </security-role>