Hi is the documentation at http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html correct. It seems to mention manager as the role then manager-script.
particularly this excerpt - *MemoryRealm* - If you have not customized your $CATALINA_BASE/conf/server.xml to select a different one, Tomcat defaults to an XML-format file stored at $CATALINA_BASE/conf/tomcat-users.xml, which can be edited with any text editor. This file contains an XML <user> for each individual user, which might look something like this: <user name="craigmcc" password="secret" roles="standard,manager-script" /> which defines the username and password used by this individual to log on, and the role names he or she is associated with. You can add the * manager* role to the comma-delimited roles attribute for one or more existing users, and/or create new users with that assigned role. - *JDBCRealm* - Your user and role information is stored in a database accessed via JDBC. Add the *manager-script* role to one or more existing users, and/or create one or more new users with this role assigned, following the standard procedures for your environment. - *JNDIRealm* - Your user and role information is stored in a directory server accessed via LDAP. Add the *manager-script* role to one or more existing users, and/or create one or more new users with this role assigned, following the standard procedures for your environment. The first time you attempt to issue one of the Manager commands described in the next section, you will be challenged to log on using BASIC authentication. The username and password you enter do not matter, as long as they identify a valid user in the users database who possesses the role * manager*.
