This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 3a06704 Fix #412. Add commented out users for the Manager app
3a06704 is described below
commit 3a067041e53f5087a79b70dc62c293100b6d2afd
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed May 19 13:03:16 2021 +0100
Fix #412. Add commented out users for the Manager app
Based on a PR by Arnaud Dagnelies.
---
conf/tomcat-users.xml | 24 ++++++++++++++++++------
res/confinstall/tomcat-users_2.xml | 24 ++++++++++++++++++------
webapps/docs/changelog.xml | 5 +++++
3 files changed, 41 insertions(+), 12 deletions(-)
diff --git a/conf/tomcat-users.xml b/conf/tomcat-users.xml
index aef66d0..86b2a4a 100644
--- a/conf/tomcat-users.xml
+++ b/conf/tomcat-users.xml
@@ -20,15 +20,27 @@
xsi:schemaLocation="http://tomcat.apache.org/xml
tomcat-users.xsd"
version="1.0">
<!--
- NOTE: By default, no user is included in the "manager-gui" role required
+ By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
- you must define such a user - the username and password are arbitrary. It is
- strongly recommended that you do NOT use one of the users in the commented
out
- section below since they are intended for use with the examples web
- application.
+ you must define such a user - the username and password are arbitrary.
+
+ Built-in Tomcat manager roles:
+ - manager-gui - allows access to the HTML GUI and the status pages
+ - manager-script - allows access to the HTTP API and the status pages
+ - manager-jmx - allows access to the JMX proxy and the status pages
+ - manager-status - allows access to the status pages only
+
+ The users below are wrapped in a comment and are therefore ignored. If you
+ wish to configure one or more of these users for use with the manager web
+ application, do not forget to remove the <!.. ..> that surrounds them. You
+ will also need to set the passwords to something appropriate.
+-->
+<!--
+ <user username="admin" password="<must-be-changed>" roles="manager-gui"/>
+ <user username="robot" password="<must-be-changed>" roles="manager-script"/>
-->
<!--
- NOTE: The sample user and role entries below are intended for use with the
+ The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
diff --git a/res/confinstall/tomcat-users_2.xml
b/res/confinstall/tomcat-users_2.xml
index 9ba20fe..f85002a 100644
--- a/res/confinstall/tomcat-users_2.xml
+++ b/res/confinstall/tomcat-users_2.xml
@@ -1,13 +1,25 @@
<!--
- NOTE: By default, no user is included in the "manager-gui" role required
+ By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
- you must define such a user - the username and password are arbitrary. It is
- strongly recommended that you do NOT use one of the users in the commented
out
- section below since they are intended for use with the examples web
- application.
+ you must define such a user - the username and password are arbitrary.
+
+ Built-in Tomcat manager roles:
+ - manager-gui - allows access to the HTML GUI and the status pages
+ - manager-script - allows access to the HTTP API and the status pages
+ - manager-jmx - allows access to the JMX proxy and the status pages
+ - manager-status - allows access to the status pages only
+
+ The users below are wrapped in a comment and are therefore ignored. If you
+ wish to configure one or more of these users for use with the manager web
+ application, do not forget to remove the <!.. ..> that surrounds them. You
+ will also need to set the passwords to something appropriate.
-->
<!--
- NOTE: The sample user and role entries below are intended for use with the
+ <user username="admin" password="<must-be-changed>" roles="manager-gui"/>
+ <user username="robot" password="<must-be-changed>" roles="manager-script"/>
+-->
+<!--
+ The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f0a0164..7bbe08c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -112,6 +112,11 @@
is given. (fschumacher)
</fix>
<add>
+ <pr>412</pr>: Add commented out, sample users for the Tomcat Manager
app
+ to the default <code>tomcat-users.xml</code> file. Based on a PR by
+ Arnaud Dagnelies. (markt)
+ </add>
+ <add>
<pr>418</pr>: Add a new option, <code>pass-through</code>, to the
default servlet's <code>useBomIfPresent</code> initialization parameter
that causes the default servlet to leave any BOM in place when
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
