Chapter 8: Web Application Administration The web.xml(the deployment descriptor) defines, among other things, the security constraints on the manager application. The following snippet describes the default security constraint definition for the manager Web application. The defined here (shown in bold) specifies that only users in that role can access the manager Web application: HTMLManger and Manager command /jmxproxy/* /html/* /list /sessions /start /stop /install /remove /deploy /undeploy /reload /save /serverinfo /status/* /roles /resources manager The authentication mechanism for the manager application is also defined here. The default setting is BASIC authentication, as shown in the following code. Administrators could set up a more rigorous mechanism for manager application authentication for example, a client-certificate based mechanism (set to CLIENT-CERT): BASIC Tomcat Manager Application The lists all the roles that can log in to the manager application. In this case, it is restricted to only one user role (that is, the manager role): The role that is required to log in to the Manager Application manager
For high quality website hosting services please check java web hosting website.
This entry was posted
on Sunday, April 26th, 2009 at 5:36 pm and is filed under tomcat.
You can follow any responses to this entry through the RSS 2.0 feed.
Responses are currently closed, but you can trackback from your own site.