https://issues.apache.org/bugzilla/show_bug.cgi?id=53633
--- Comment #2 from Dennis Verbeek <dverb...@hotmail.com> ---
(In reply to comment #1)
> As per the docs, if you use SSO all contexts must use the same Realm. The
> behaviour is undefined if you don't follow that requirement.
Looking back at it, I cannot believe I missed that.
So just to be clear, especially for everybody stumbling upon the same issue,
there are two options to make it work as expected:
1 - Include the proper role for the manager webapp in the SSO-Realm. This
integrates the manager webapp with your own webapps. Vulnerabilities included.
2 - Create a separate Service/Connector/Engine/Host/Realm for the manager
webapp.
<Service name="Catalina">
...
</Service>
<Service name="manager">
<Connector port="8081" protocol="HTTP/1.1" connectionTimeout="20000" />
<Engine name="Manager" defaultHost="manager">
<Host name="manager" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Host>
</Engine>
</Service>
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
