Christopher Schultz wrote:
All,
I was just answering a question on StackOverflow[1] about limiting the
operations a particular user could perform when using the manager app
(e.g. deploy, undeploy, start, stop, etc.).
It seems to me that this has come up on the users' list once or twice
in the past, and it wouldn't be a big deal to support this kind of
thing right out of the box by just defining a number of additional
roles such as:
manager-gui-deploy
manager-gui-undeploy
manager-gui-start
etc.
Is there any interest in doing something like this? My general feeling
is that manager access should either be allowed read-only (which is
covered by the "manager-status" role) or full read/write (which is
covered by the "manager-gui" and "manager-script" roles) because hey,
you should trust your managers or fire them ;)
On the other hand, if there is significant interest in this kind of
thing, we should support it out of the box.
Hi.
I just installed a Tomcat today on a customer system, and in that case I would have liked
indeed to have a tad more granularity in the out-of-the-box Manager, with respect to what
a given user can do, but maybe not exactly as you describe it above.
Maybe then just for the wish-list :
Say you have one Tomcat, running 4 different applications A1, A2, A3 and A4. Each
application has a person who has the role of "application administrator" :
- User1 is responsible for applications A1 and A4
- User2 is responsible for application A2
- User3 is responsible for application A3
Each of these users should have access to the Manager, but limited as follows :
- User1, User2 and User3 can "see" all applications
- User1 can start, stop, and deploy/undeploy his own applications A1 and A4, but not the
other applications
- User2 can start, stop, and deploy/undeploy his own application A2, but not the other
applications
- User3 can start, stop, and deploy/undeploy his own application A3, but not the other
applications
The scenario is :
- I do not have remote access to the Tomcat host
- there is no local sysadmin
- these Users work in different departments, they do not communicate with each other, they
are not sysadmins, but each of them is the "person of contact" to whom I would for example
send an updated .war file of the application(s) for which they are responsible, and ask
them to deploy it.
But even if I would send one of them the wrong .war file (or a curious user would just try
to rename a .war file), they should not be able to re-deploy any other than the
application(s) for which they are responsible.
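
The access model described in this message, sketched as a servlet filter; this is an added example, not part of the original message and not Tomcat's own code. It assumes the javax.servlet API, a hypothetical filter mapping in front of the Manager's text commands (after container authentication), and constructed context paths /A1 to /A4 for the four applications.

```java
// Added example, not Tomcat code. Assumes javax.servlet (jakarta.servlet on
// Tomcat 10+) and a hypothetical mapping of this filter onto the Manager's
// text-command URLs, so that getPathInfo() is the command name.
import java.io.IOException;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class AppOwnerFilter implements Filter {
    // Constructed ownership table taken from the scenario in the message.
    private static final Map<String, Set<String>> OWNED = new HashMap<>();
    static {
        OWNED.put("User1", new HashSet<>(Arrays.asList("/A1", "/A4")));
        OWNED.put("User2", Collections.singleton("/A2"));
        OWNED.put("User3", Collections.singleton("/A3"));
    }
    private static final Set<String> PER_APP = new HashSet<>(
            Arrays.asList("/deploy", "/undeploy", "/start", "/stop"));

    // Known users may list all applications; per-application commands need
    // ownership of the target context path; everything else is denied.
    static boolean allowed(String user, String command, String[] paths) {
        Set<String> mine = OWNED.get(user);
        if (mine == null || command == null) return false;
        if ("/list".equals(command)) return true;
        if (!PER_APP.contains(command)) return false;
        // Require exactly one explicit path: the decision is made on the
        // target context path, never on a .war file name the user controls.
        return paths != null && paths.length == 1 && mine.contains(paths[0]);
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        if (allowed(http.getRemoteUser(), http.getPathInfo(),
                    http.getParameterValues("path"))) {
            chain.doFilter(req, res);
        } else {
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}
}
```

With this table, User2 sending `stop` for `/A2` passes, while the same user sending `deploy` for `/A1`, or a deploy request with no `path` parameter, gets a 403.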