Author: markt
Date: Mon Jan 17 17:31:45 2011
New Revision: 1060015
URL: http://svn.apache.org/viewvc?rev=1060015&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50599
Use correct names of security roles for Manager app
Modified:
tomcat/trunk/java/org/apache/catalina/ant/package.html
tomcat/trunk/webapps/docs/appdev/build.xml.txt
tomcat/trunk/webapps/docs/appdev/processes.xml
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/funcspecs/fs-admin-apps.xml
tomcat/trunk/webapps/docs/realm-howto.xml
Modified: tomcat/trunk/java/org/apache/catalina/ant/package.html
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/package.html?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/ant/package.html (original)
+++ tomcat/trunk/java/org/apache/catalina/ant/package.html Mon Jan 17 17:31:45
2011
@@ -46,7 +46,7 @@ sent directly to the Manager application
<td align="center">username</td>
<td>
The username of a Tomcat user that has been configured with the
- <code>manager</code> role, as required to execute Manager
+ <code>manager-script</code> role, as required to execute Manager
application commands. This attribute is required.
</td>
</tr>
@@ -54,7 +54,7 @@ sent directly to the Manager application
<td align="center">password</td>
<td>
The password of a Tomcat user that has been configured with the
- <code>manager</code> role, as required to execute Manager
+ <code>manager-script</code> role, as required to execute Manager
application commands. This attribute is required.
</td>
</tr>
Modified: tomcat/trunk/webapps/docs/appdev/build.xml.txt
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/appdev/build.xml.txt?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/appdev/build.xml.txt (original)
+++ tomcat/trunk/webapps/docs/appdev/build.xml.txt Mon Jan 17 17:31:45 2011
@@ -113,7 +113,7 @@
Defaults to "dist".
manager.password The login password of a user that is assigned the
- "manager" role (so that he or she can execute
+ "manager-script" role (so that he or she can execute
commands via the "/manager" web application)
manager.url The URL of the "/manager" web application on the
@@ -121,7 +121,7 @@
applications and web services.
manager.username The login username of a user that is assigned the
- "manager" role (so that he or she can execute
+ "manager-script" role (so that he or she can execute
commands via the "/manager" web application)
-->
Modified: tomcat/trunk/webapps/docs/appdev/processes.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/appdev/processes.xml?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/appdev/processes.xml (original)
+++ tomcat/trunk/webapps/docs/appdev/processes.xml Mon Jan 17 17:31:45 2011
@@ -63,12 +63,12 @@ once (no matter how many web application
<br/><br/></li>
<li><em>Define one or more Tomcat users</em>. The <em>Manager</em> web
application runs under a security constraint that requires a user to be
- logged in, and have the security role <code>manager</code> assigned to
- him or her. How such users are defined depends on which Realm you have
+ logged in, and have the security role <code>manager-script</code> assigned
+ to him or her. How such users are defined depends on which Realm you have
configured in Tomcat's <code>conf/server.xml</code> file -- see the
<a href="../realm-howto.html">Realm Configuration HOW-TO</a> for more
information. You may define any number of users (with any username
- and password that you like) with the <code>manager</code> role.
+ and password that you like) with the <code>manager-script</code> role.
<br/><br/></li>
</ul>
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Jan 17 17:31:45 2011
@@ -121,6 +121,10 @@
Correct the documentation for the recoveryCount count attribute of the
the default cluster membership. (markt)
</fix>
+ <fix>
+ <bug>50599</bug>: Use correct names of roles required to access the
+ Manager application. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Other">
Modified: tomcat/trunk/webapps/docs/funcspecs/fs-admin-apps.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/funcspecs/fs-admin-apps.xml?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/funcspecs/fs-admin-apps.xml (original)
+++ tomcat/trunk/webapps/docs/funcspecs/fs-admin-apps.xml Mon Jan 17 17:31:45
2011
@@ -261,10 +261,10 @@
<p>In addition, this web application shall conform to the following
requirements:</p>
<ul>
- <li>All request URIs shall be protected by a security constraint that
- requires security role <code>manager</code> for processing.</li>
+ <li>All request URIs shall be protected by security constraints that
+ require a security role to be assigned for processing.</li>
<li>The default user database shall <strong>not</strong> contain any
- user that has been assigned the role <code>manager</code>.</li>
+ user that has been assigned a security role.</li>
</ul>
<h5>HTML-Based Web Application</h5>
Modified: tomcat/trunk/webapps/docs/realm-howto.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/realm-howto.xml?rev=1060015&r1=1060014&r2=1060015&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/realm-howto.xml (original)
+++ tomcat/trunk/webapps/docs/realm-howto.xml Mon Jan 17 17:31:45 2011
@@ -250,15 +250,16 @@ and log on with one of the usernames and
<p>If you wish to use the <a href="manager-howto.html">Manager Application</a>
to deploy and undeploy applications in a running Tomcat installation, you
-MUST add the "manager" role to at least one username in your selected Realm
-implementation. This is because the manager web application itself uses a
-security constraint that requires role "manager" to access ANY request URI
-within that application.</p>
+MUST add the "manager-gui" role to at least one username in your selected
+Realm implementation. This is because the manager web application itself uses
a
+security constraint that requires role "manager-gui" to access ANY request URI
+within the HTML interface of that application.</p>
<p>For security reasons, no username in the default Realm (i.e. using
-<code>conf/tomcat-users.xml</code> is assigned the "manager" role. Therefore,
-no one will be able to utilize the features of this application until the
-Tomcat administrator specifically assigns this role to one or more users.</p>
+<code>conf/tomcat-users.xml</code> is assigned the "manager-gui" role.
+Therefore, no one will be able to utilize the features of this application
+until the Tomcat administrator specifically assigns this role to one or more
+users.</p>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
