Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Logging into Tomcat

 
Mohammed Uddin
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

At the risk be being disliked for this post, I am unable to log in into tomcat when it is running.

I have changed my tomcat-users.xml file, saved it, restarted tomcat and still nothing.

tomcat-user.xml file:


I am trying to log into Manager app section.

Any help would be greatly appreciated.

Thanks,
Mohammed
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64629
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mohammed Uddin wrote:At the risk be being disliked for this post...

Huh?
 
Mohammed Uddin
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, this same question has been asked so many times and the solution has always been the same and has worked for many - this is why I felt a bit guilty asking something that has been asked many times.

I am still not able to log in...
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64629
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Looks correct to me. I have a similar setup and no problems.

Any errors in the log during startup?

Also, what exactly is happening? Login rejected? No login box? Other? Please TellTheDetails.
 
Mohammed Uddin
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Log trace:


Thanks
 
Mohammed Uddin
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Have looked around but was not able to solve this. I then found a plugin for Maven called Jetty and used that so deploy my web app and that did the trick.

MoSha.
 
gurpeet singh
Ranch Hand
Posts: 924
1
Fedora Java Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
did you uncommented the comments that are represented as <!-- -- > from the tags after making changes in tomcat-users.xml ? if you haven't your changes would still be treated as comments and tomcat won't pick the new configuration.

also which IDE are you using ?
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18009
47
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It will take a lot more work than that to get us to dislike you. The J2EE standard security framework is a mystery to many, many people. Which is unfortunate, because they then go out and invent their own, much less secure alternative systems.

First, you don't "log into Tomcat". Tomcat has no central point to log in to. What you are logging into is a security Realm. One or more webapps may share a Realm, some apps may not be Realm-based, some webapps may have their own individual Realms. You have considerable flexibility there. You can define a default Realm for a Tomcat Host element, and/or you can define a specific Realm in the Context definition of a single webapp. In the case of the Tomcat Manager and Tomcat Admin webapps as configured in the default server.xml setup, they share a common Realm.

Realms are actually plug-in authentication and authorization services and they come in many flavors. The original one that read the tomcat-users.xml file was the MemoryRealm, although in Tomcat6, 1 or 2 additional similar Realms were defined. Other popular Realm modules support JDBC data sources, LDAP/Active Directory, Single Signon, and so forth. Basically, anything that you can ask if it contains a userid/password and userid/role pair can have a Realm written for it.

To use a Realm you must do the following:

1. Set up roles in a secured webapp's WEB-INF/web.xml file. This has already been done for the Tomcat admin and manager apps.

2. Configure a Realm in either server.xml or the secured webapp's Context.

3. Ensure that the Realm data source works. Meaning, uncomment the commented-out users and roles (or define your own) in the tomcat-users.xml file if you are using one of the Memory Realms.

If you do all that and then restart Tomcat, then attempting to access a secured URL will result in the user being prompted by either a popup dialog (web.xml configured for BASIC security) or a login page (web.xml configured for FORM-based security; you also have to have defined a login form for that webapp).

Finally, be aware that if you're using an IDE to launch Tomcat, some of them really mangle Tomcat's configuration and may not pull in the Realm configuration properly. If all else fails, try launching Tomcat stand-alone.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic