Yes, it applies to 4.0.x: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/manager-howto.html http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html
Sorry, I'm really not clear what you are asking. The manager docs specifically state that you must manually add a role of "manager" to any username that wishes to access the manager app (and likewise, "admin" to access the admin app). Shipping Tomcat with a default username with the role of "manager" already added for you is insecure. John > -----Original Message----- > From: Andoni [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 20, 2003 11:16 AM > To: Tomcat Users List > Subject: Re: Error 500 when trying to run /manager app. > > > I don't see the <role> tag documented anywhere. Sorry if I missed it. > > It is included in the book I have but all the docs on the > site seem to have > tomcat-users.xml files without it. > > I have just included it in my tomcat 4.0.4 server and now it > won't start > java apps so I'm going to try removing it again. > > Please let me know if it applies to 4.0.x anyway. > > Andoni. > > > ----- Original Message ----- > From: "Turner, John" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" <[EMAIL PROTECTED]> > Sent: Thursday, February 20, 2003 3:57 PM > Subject: RE: Error 500 when trying to run /manager app. > > > > > > See "MemoryRealm": > > > > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html > > > > John > > > > > > > -----Original Message----- > > > From: Andoni [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, February 20, 2003 10:57 AM > > > To: Tomcat Users List > > > Subject: Re: Error 500 when trying to run /manager app. > > > > > > > > > Where is this "role" tag documented? > > > > > > I don't see it anywhere in the docs. I have the app. > appearing on the > > > screen now and I am about to start testing it but I have not > > > installed any > > > "role" tags and there are none in the file. Are they > > > necessary? What do > > > they do? > > > > > > Andoni. > > > ----- Original Message ----- > > > From: "Roberts, Eric" <[EMAIL PROTECTED]> > > > To: "Tomcat Users List" <[EMAIL PROTECTED]> > > > Sent: Thursday, February 20, 2003 3:39 PM > > > Subject: RE: Error 500 when trying to run /manager app. > > > > > > > > > Add the role as well > > > > > > <?xml version='1.0' encoding='utf-8'?> > > > <tomcat-users> > > > <role rolename="tomcat"/> > > > <role rolename="role1"/> > > > <role rolename="manager"/> > > > <role rolename="admin"/> > > > <user username="tomcat" password="tomcat" roles="tomcat"/> > > > <user username="both" password="tomcat" roles="tomcat,role1"/> > > > <user username="role1" password="tomcat" roles="role1"/> > > > <user username="admin" password="admin" > > > roles="admin,manager,role1,tomcat"/> > > > </tomcat-users> > > > > > > > > > -----Original Message----- > > > From: Andoni [mailto:[EMAIL PROTECTED]] > > > Sent: Donnerstag, 20. Februar 2003 13:15 > > > To: Tomcat Users List > > > Subject: Error 500 when trying to run /manager app. > > > > > > > > > Hello, > > > > > > I am getting an error 500 > > > ServletException > > > Root Cause: > > > java.lang.SecurityException: Servlet of class > > > org.apache.catalina.servlets.ManagerServlet is privileged and > > > cannot be > > > loaded by this web application > > > > > > Is this because I am using the wrong username / password? > > > > > > I have gone to tomcat-users.xml and it looks like: > > > <tomcat-users> > > > <user name="tomcat" password="tomcat" roles="tomcat" /> > > > <user name="administrator" password="password" > roles="manager" /> > > > <user name="role1" password="tomcat" roles="role1" /> > > > <user name="both" password="tomcat" roles="tomcat,role1" /> > > > </tomcat-users> > > > > > > > > > I am trying to log in as the "administrator" user that I added. > > > > > > What else do I have to do? > > > > > > Andoni. > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
