From: markt Date: Mon, 17 Jan 2011 17:31:45 +0000 (+0000) Subject: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50599 X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=2ee8087f6b4a9fa00216d3c01013201e2fb4a180;p=tomcat7.0 Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50599 Use correct names of security roles for Manager app git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1060015 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/java/org/apache/catalina/ant/package.html b/java/org/apache/catalina/ant/package.html index 1aa06e1b6..5fa987e1d 100644 --- a/java/org/apache/catalina/ant/package.html +++ b/java/org/apache/catalina/ant/package.html @@ -46,7 +46,7 @@ sent directly to the Manager application. They are summarized as follows: username The username of a Tomcat user that has been configured with the - manager role, as required to execute Manager + manager-script role, as required to execute Manager application commands. This attribute is required. @@ -54,7 +54,7 @@ sent directly to the Manager application. They are summarized as follows: password The password of a Tomcat user that has been configured with the - manager role, as required to execute Manager + manager-script role, as required to execute Manager application commands. This attribute is required. diff --git a/webapps/docs/appdev/build.xml.txt b/webapps/docs/appdev/build.xml.txt index 2de66e659..b3cdb5cab 100644 --- a/webapps/docs/appdev/build.xml.txt +++ b/webapps/docs/appdev/build.xml.txt @@ -113,7 +113,7 @@ Defaults to "dist". manager.password The login password of a user that is assigned the - "manager" role (so that he or she can execute + "manager-script" role (so that he or she can execute commands via the "/manager" web application) manager.url The URL of the "/manager" web application on the @@ -121,7 +121,7 @@ applications and web services. manager.username The login username of a user that is assigned the - "manager" role (so that he or she can execute + "manager-script" role (so that he or she can execute commands via the "/manager" web application) --> diff --git a/webapps/docs/appdev/processes.xml b/webapps/docs/appdev/processes.xml index 4c4cd4edc..7f2ab7faa 100644 --- a/webapps/docs/appdev/processes.xml +++ b/webapps/docs/appdev/processes.xml @@ -63,12 +63,12 @@ once (no matter how many web applications you plan to develop).



  • Define one or more Tomcat users. The Manager web application runs under a security constraint that requires a user to be - logged in, and have the security role manager assigned to - him or her. How such users are defined depends on which Realm you have + logged in, and have the security role manager-script assigned + to him or her. How such users are defined depends on which Realm you have configured in Tomcat's conf/server.xml file -- see the Realm Configuration HOW-TO for more information. You may define any number of users (with any username - and password that you like) with the manager role. + and password that you like) with the manager-script role.

    • diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 68b57c2eb..a52992529 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -121,6 +121,10 @@ Correct the documentation for the recoveryCount count attribute of the the default cluster membership. (markt) + + 50599: Use correct names of roles required to access the + Manager application. (markt) + diff --git a/webapps/docs/funcspecs/fs-admin-apps.xml b/webapps/docs/funcspecs/fs-admin-apps.xml index 1370f2ad3..93de016c3 100644 --- a/webapps/docs/funcspecs/fs-admin-apps.xml +++ b/webapps/docs/funcspecs/fs-admin-apps.xml @@ -261,10 +261,10 @@

    In addition, this web application shall conform to the following requirements:

    HTML-Based Web Application
    diff --git a/webapps/docs/realm-howto.xml b/webapps/docs/realm-howto.xml index f17590b01..a25e3a702 100644 --- a/webapps/docs/realm-howto.xml +++ b/webapps/docs/realm-howto.xml @@ -250,15 +250,16 @@ and log on with one of the usernames and passwords described for the default

    If you wish to use the Manager Application to deploy and undeploy applications in a running Tomcat installation, you -MUST add the "manager" role to at least one username in your selected Realm -implementation. This is because the manager web application itself uses a -security constraint that requires role "manager" to access ANY request URI -within that application.

    +MUST add the "manager-gui" role to at least one username in your selected +Realm implementation. This is because the manager web application itself uses a +security constraint that requires role "manager-gui" to access ANY request URI +within the HTML interface of that application.

    For security reasons, no username in the default Realm (i.e. using -conf/tomcat-users.xml is assigned the "manager" role. Therefore, -no one will be able to utilize the features of this application until the -Tomcat administrator specifically assigns this role to one or more users.

    +conf/tomcat-users.xml is assigned the "manager-gui" role. +Therefore, no one will be able to utilize the features of this application +until the Tomcat administrator specifically assigns this role to one or more +users.