File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes Logging into Tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Logging into Tomcat" Watch "Logging into Tomcat" New topic
Author

Logging into Tomcat

Mohammed Uddin
Ranch Hand

Joined: Mar 04, 2012
Posts: 31
Hi,

At the risk be being disliked for this post, I am unable to log in into tomcat when it is running.

I have changed my tomcat-users.xml file, saved it, restarted tomcat and still nothing.

tomcat-user.xml file:


I am trying to log into Manager app section.

Any help would be greatly appreciated.

Thanks,
Mohammed
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61456
    
  67

Mohammed Uddin wrote:At the risk be being disliked for this post...

Huh?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Mohammed Uddin
Ranch Hand

Joined: Mar 04, 2012
Posts: 31
Well, this same question has been asked so many times and the solution has always been the same and has worked for many - this is why I felt a bit guilty asking something that has been asked many times.

I am still not able to log in...
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61456
    
  67

Looks correct to me. I have a similar setup and no problems.

Any errors in the log during startup?

Also, what exactly is happening? Login rejected? No login box? Other? Please TellTheDetails.
Mohammed Uddin
Ranch Hand

Joined: Mar 04, 2012
Posts: 31
Log trace:


Thanks
Mohammed Uddin
Ranch Hand

Joined: Mar 04, 2012
Posts: 31
Hi,

Have looked around but was not able to solve this. I then found a plugin for Maven called Jetty and used that so deploy my web app and that did the trick.

MoSha.
gurpeet singh
Ranch Hand

Joined: Apr 04, 2012
Posts: 924
    
    1

did you uncommented the comments that are represented as <!-- -- > from the tags after making changes in tomcat-users.xml ? if you haven't your changes would still be treated as comments and tomcat won't pick the new configuration.

also which IDE are you using ?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16160
    
  21

It will take a lot more work than that to get us to dislike you. The J2EE standard security framework is a mystery to many, many people. Which is unfortunate, because they then go out and invent their own, much less secure alternative systems.

First, you don't "log into Tomcat". Tomcat has no central point to log in to. What you are logging into is a security Realm. One or more webapps may share a Realm, some apps may not be Realm-based, some webapps may have their own individual Realms. You have considerable flexibility there. You can define a default Realm for a Tomcat Host element, and/or you can define a specific Realm in the Context definition of a single webapp. In the case of the Tomcat Manager and Tomcat Admin webapps as configured in the default server.xml setup, they share a common Realm.

Realms are actually plug-in authentication and authorization services and they come in many flavors. The original one that read the tomcat-users.xml file was the MemoryRealm, although in Tomcat6, 1 or 2 additional similar Realms were defined. Other popular Realm modules support JDBC data sources, LDAP/Active Directory, Single Signon, and so forth. Basically, anything that you can ask if it contains a userid/password and userid/role pair can have a Realm written for it.

To use a Realm you must do the following:

1. Set up roles in a secured webapp's WEB-INF/web.xml file. This has already been done for the Tomcat admin and manager apps.

2. Configure a Realm in either server.xml or the secured webapp's Context.

3. Ensure that the Realm data source works. Meaning, uncomment the commented-out users and roles (or define your own) in the tomcat-users.xml file if you are using one of the Memory Realms.

If you do all that and then restart Tomcat, then attempting to access a secured URL will result in the user being prompted by either a popup dialog (web.xml configured for BASIC security) or a login page (web.xml configured for FORM-based security; you also have to have defined a login form for that webapp).

Finally, be aware that if you're using an IDE to launch Tomcat, some of them really mangle Tomcat's configuration and may not pull in the Realm configuration properly. If all else fails, try launching Tomcat stand-alone.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Logging into Tomcat