What about commented out entries for the admin and manager roles and
resp. users and password set to "changeme"?
Peter Rossbach wrote:
Yes, defaults are very fine, but secret parameter need active user
interaction.
also -1
Peter
Am 28.04.2006 um 11:54 schrieb Remy Maucherat:
Mladen Turk wrote:
Hi,
The provided tomcat-users.xml is obviously used
as an example.
Can we tweak that so that it actually allows
the admin and manager users?
Sorry, but it's a bad idea.
The purpose would be the same (example), but
it will allow to run the provided web apps without
additional editing.
And most people wouldn't be changing them, creating a security problem.
Any objections if I put the 'real' values there?
-1.
Rémy
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
