Bear Bibeault wrote: Ah, so you've replaced Tomcat's default root app with your own?
I don't rely upon Tomcat's system for authentication (do you really want to have to record all your users in tomcat_users.xml rather than a database?), so someone else who knows it better will have to help.
You'll probably need to include more info on how the app is configured.
tomcat-users.xml and the Realm that uses it are really only intended for quick-and-dirty stuff. Real production webapps should be using a more robust Realm like one of the database or LDAP-based Realms.
tomcat-users is fine for testing, and the great thing about it is that a simple reconfiguration of the webapp Context or server.xml can then be used to use a "real" realm in production without any code changes. But as a data center operations solution, it's a nightmare. Not only would it require operators or security personnel to go mucking around in the server config directory, you can only get new/changed users to "take" by restarting Tomcat.
A userid in the form "aaaa\bbbb" usually means that the real ID is a user within a domain. Normally, a backslash is just begging for trouble, since it's Java's escape character, but tomcat-users.xml is (obviously!) an XML file, and backslashes aren't "magic" to XML, so I can't venture a guess on that one.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
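
The Realm swap described in the reply above, as an added example that is not part of the original posts: the webapp's code and web.xml security constraints stay the same and only the Realm element in the Context changes. The JNDI name, JDBC driver and URL, credentials, and table and column names are assumptions chosen for illustration.

```xml
<!-- META-INF/context.xml of the webapp (added example).
     Only one Realm is active at a time. -->
<Context>

  <!-- Testing: users and roles are read from conf/tomcat-users.xml through
       the global "UserDatabase" resource declared in server.xml. -->
  <!--
  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>
  -->

  <!-- Production: users and roles live in a database.
       Resource name, URL, account and password are placeholders. -->
  <Resource name="jdbc/authDB" auth="Container" type="javax.sql.DataSource"
            driverClassName="org.postgresql.Driver"
            url="jdbc:postgresql://db.example.internal:5432/auth"
            username="tomcat_auth" password="CHANGE_ME"
            maxTotal="8" maxIdle="2"/>

  <!-- Table and column names are assumptions; match them to your schema. -->
  <Realm className="org.apache.catalina.realm.DataSourceRealm"
         dataSourceName="jdbc/authDB" localDataSource="true"
         userTable="users" userNameCol="user_name" userCredCol="user_pass"
         userRoleTable="user_roles" roleNameCol="role_name">
    <!-- Store salted, iterated password hashes rather than plaintext. -->
    <CredentialHandler
        className="org.apache.catalina.realm.SecretKeyCredentialHandler"
        algorithm="PBKDF2WithHmacSHA512" iterations="100000"
        keyLength="256" saltLength="16"/>
  </Realm>

</Context>
```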