On 04/13/2009 10:30 AM, Caldarale, Charles R wrote:
From: Farid Hamjavar [mailto:hamja...@unm.edu]
Subject: Removal of (or disable) /admin for the user manager
1) remove the row '/admin' all together,
2) if I can not do that, I at least like to
prevent the ability to do any of the actions
mentioned in the 'commands' column (start/stop ,etc,etc).
Do you want to eliminate the admin webapp completely, or just prevent its
manipulation via the manager webapp?
Either would be fine.
Since access to the manager webapp is already controlled, what purpose does
this serve?
Tomcat default users 'admin' and 'manager' are different entities and
I just don't think person who logs in as 'manager' to manage one or more
webapps should also be able to shutdown the server
as is the default case.
Farid
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
