the webapplication web.xml can reference previously defined Resources
(UserDatabase) as here
<resource-env-ref>
<description>
Link to the UserDatabase instance from which we request lists of
defined role names. Typically, this will be connected to the global
user database with a ResourceLink element in server.xml or the context
configuration file for the Manager web application.
</description>
<resource-env-ref-name>users</resource-env-ref-name>
<resource-env-ref-type>
org.apache.catalina.UserDatabase
</resource-env-ref-type>
</resource-env-ref>
Here is the applicable UserDatabase which can be configured in
$TOMCAT_HOME/conf/server.xml
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
//pathname can point to any user defined xml
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="role1"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>
HTH
Martin
______________________________________________
Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de
déni et de confidentialité
This message is confidential. If you should not be the intended receiver, then
we ask politely to report. Each unauthorized forwarding or manufacturing of a
copy is inadmissible. This message serves only for the exchange of information
and has no legal binding effect. Due to the easy manipulation of emails we
cannot take responsibility over the the contents.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe
quel effet légalement obligatoire. Étant donné que les email peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
> Date: Tue, 28 Apr 2009 15:10:02 -0700
> Subject: virtual hosts and tomcat-users.xml
> From: cheshira...@gmail.com
> To: users@tomcat.apache.org
>
> I am setting up a handful of virtual hosts on a server, and I have the
> manager app configured as per the docs. How do I configure the
> security for the manager app such that each virtual host has its own
> tomcat-users.xml though, so that the credentials of one virtual host
> can't be used log on to the manager of another?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
_________________________________________________________________
Windows Live™ Hotmail®:…more than just e-mail.
http://windowslive.com/online/hotmail?ocid=TXT_TAGLM_WL_HM_more_042009
