From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Mon, 21 Sep 2009 22:31:47 +0000 (+0000)
Subject: Separate out Manager app roles
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=f2f63334e98d93cef115a6e0b40f8ff8da5606fb;p=tomcat7.0

Separate out Manager app roles
Move /manager to /manager/text to simplify permissions
Allows the future addition of extra security measures to one interface that might not make sense for another (usually these will be added to the HTML interface but that might not always be the case).

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@817446 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c3c81bc8c..a1a005596 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -182,12 +182,17 @@
       </update>
     </changelog>
   </subsection>
-  <subsection name="Documentation">
+  <subsection name="Web applications">
      <changelog>
       <update>
-        <rev>631321</rev> Update changelog to support the &lt;rev&gt; element.
-        (fhanik)
+        <rev>631321</rev> Update changelog to support the &lt;rev&gt; element
+        in the documentation. (fhanik)
       </update>
+      <add>
+        A number of additional roles were added to the Manager application to
+        separate out permissions for the HTML interface, the text interface and
+        the JMX proxy. (markt) 
+      </add>
     </changelog>
   </subsection>
   <subsection name="Extras">
diff --git a/webapps/docs/manager-howto.xml b/webapps/docs/manager-howto.xml
index 3b0ff1f0c..b631bc4e4 100644
--- a/webapps/docs/manager-howto.xml
+++ b/webapps/docs/manager-howto.xml
@@ -211,7 +211,7 @@ an example of restricting access to the localhost by IP address:
 <p>All commands that the Manager application knows how to process are
 specified in a single request URI like this:</p>
 <source>
-http://{host}:{port}/manager/{command}?{parameters}
+http://{host}:{port}/manager/text/{command}?{parameters}
 </source>
 <p>where <code>{host}</code> and <code>{port}</code> represent the hostname
 and port number on which Tomcat is running, <code>{command}</code>
@@ -270,7 +270,7 @@ version of the messages.</p>
 <subsection name="Deploy A New Application Remotely">
 
 <source>
-http://localhost:8080/manager/deploy?path=/foo
+http://localhost:8080/manager/text/deploy?path=/foo
 </source>
 
 <p>Upload the web application archive (WAR) file that is specified as the
@@ -343,7 +343,7 @@ has been deployed using the <code>tag</code> attribute. Note that the work
 directory for the manager webapp will contain the previously deployed WARs;
 removing it would make the deployment fail.
 <source>
-http://localhost:8080/manager/deploy?path=/footoo&amp;tag=footag
+http://localhost:8080/manager/text/deploy?path=/footoo&amp;tag=footag
 </source>
 </p>
 
@@ -362,7 +362,7 @@ the entire WAR file.</p>
 <code>/path/to/foo</code> on the Tomcat server is deployed as the
 web application context named <code>/footoo</code>.
 <source>
-http://localhost:8080/manager/deploy?path=/footoo&amp;war=file:/path/to/foo
+http://localhost:8080/manager/text/deploy?path=/footoo&amp;war=file:/path/to/foo
 </source>
 </p>
 
@@ -372,7 +372,7 @@ Tomcat server is deployed as the web application context named
 so the context path defaults to the name of the web application archive
 file without the ".war" extension.
 <source>
-http://localhost:8080/manager/deploy?war=jar:file:/path/to/bar.war!/
+http://localhost:8080/manager/text/deploy?war=jar:file:/path/to/bar.war!/
 </source>
 </p>
 
@@ -387,7 +387,7 @@ extension is used as the path.</p>
 deployed as the web application context named <code>/foo</code>. Notice
 that the context path used is the name of the web application directory.
 <source>
-http://localhost:8080/manager/deploy?war=foo
+http://localhost:8080/manager/text/deploy?war=foo
 </source>
 </p>
 
@@ -395,7 +395,7 @@ http://localhost:8080/manager/deploy?war=foo
 Host appBase directory on the Tomcat server is deployed as the web
 application context named <code>/bar</code>.
 <source>
-http://localhost:8080/manager/deploy?war=bar.war
+http://localhost:8080/manager/text/deploy?war=bar.war
 </source>
 </p>
 
@@ -430,7 +430,7 @@ docBase configured in the context configuration ".xml" file.</p>
 <p>Here is an example of deploying an application using a Context
 configuration ".xml" file.
 <source>
-http://localhost:8080/manager/deploy?config=file:/path/context.xml
+http://localhost:8080/manager/text/deploy?config=file:/path/context.xml
 </source>
 </p>
 
@@ -438,7 +438,7 @@ http://localhost:8080/manager/deploy?config=file:/path/context.xml
 configuration ".xml" file and a web application ".war" file located
 on the server.
 <source>
-http://localhost:8080/manager/deploy?config=file:/path/context.xml&amp;war=jar:file:/path/bar.war!/
+http://localhost:8080/manager/text/deploy?config=file:/path/context.xml&amp;war=jar:file:/path/bar.war!/
 </source>
 </p>
 
@@ -529,7 +529,7 @@ error message.  Possible causes for problems include:</p>
 <subsection name="List Currently Deployed Applications">
 
 <source>
-http://localhost:8080/manager/list
+http://localhost:8080/manager/text/list
 </source>
 
 <p>List the context paths, current status (<code>running</code> or
@@ -549,7 +549,7 @@ OK - Listed applications for virtual host localhost
 <subsection name="Reload An Existing Application">
 
 <source>
-http://localhost:8080/manager/reload?path=/examples
+http://localhost:8080/manager/text/reload?path=/examples
 </source>
 
 <p>Signal an existing application to shut itself down and reload.  This can
@@ -608,7 +608,7 @@ error message.  Possible causes for problems include:</p>
 <subsection name="List OS and JVM Properties">
 
 <source>
-http://localhost:8080/manager/serverinfo
+http://localhost:8080/manager/text/serverinfo
 </source>
 
 <p>Lists information about the Tomcat version, OS, and JVM properties.</p>
@@ -628,7 +628,7 @@ include an error message.  Possible causes for problems include:</p>
 <subsection name="List Available Global JNDI Resources">
 
 <source>
-http://localhost:8080/manager/resources[?type=xxxxx]
+http://localhost:8080/manager/text/resources[?type=xxxxx]
 </source>
 
 <p>List the global JNDI resources that are available for use in resource
@@ -680,7 +680,7 @@ include an error message.  Possible causes for problems include:</p>
 <subsection name="List Available Security Roles">
 
 <source>
-http://localhost:8080/manager/roles
+http://localhost:8080/manager/text/roles
 </source>
 
 <p>List the security role names (and corresponding descriptions) that are
@@ -733,7 +733,7 @@ include an error message.  Possible causes for problems include:</p>
 <subsection name="Session Statistics">
 
 <source>
-http://localhost:8080/manager/sessions?path=/examples
+http://localhost:8080/manager/text/sessions?path=/examples
 </source>
 
 <p>Display the default session timeout for a web application, and the
@@ -753,7 +753,7 @@ Default maximum session inactive interval 30 minutes
 <subsection name="Start an Existing Application">
 
 <source>
-http://localhost:8080/manager/start?path=/examples
+http://localhost:8080/manager/text/start?path=/examples
 </source>
 
 <p>Signal a stopped application to restart, and make itself available again.
@@ -796,7 +796,7 @@ error message.  Possible causes for problems include:</p>
 <subsection name="Stop an Existing Application">
 
 <source>
-http://localhost:8080/manager/stop?path=/examples
+http://localhost:8080/manager/text/stop?path=/examples
 </source>
 
 <p>Signal an existing application to make itself unavailable, but leave it
@@ -839,7 +839,7 @@ error message.  Possible causes for problems include:</p>
 <subsection name="Undeploy an Existing Application">
 
 <source>
-http://localhost:8080/manager/undeploy?path=/examples
+http://localhost:8080/manager/text/undeploy?path=/examples
 </source>
 
 <p><strong><font color="red">WARNING</font> - This command will delete any web 
@@ -928,7 +928,7 @@ file might look something like this:</p>
   &lt;property name="path"     value="/myapp"/&gt;
 
   &lt;!-- Configure properties to access the Manager application --&gt;
-  &lt;property name="url"      value="http://localhost:8080/manager"/&gt;
+  &lt;property name="url"      value="http://localhost:8080/manager/text"/&gt;
   &lt;property name="username" value="myusername"/&gt;
   &lt;property name="password" value="mypassword"/&gt;
 
diff --git a/webapps/manager/401.jsp b/webapps/manager/401.jsp
index fb45a1bd9..ab1721d85 100644
--- a/webapps/manager/401.jsp
+++ b/webapps/manager/401.jsp
@@ -35,17 +35,33 @@
     You are not authorized to view this page. If you have not changed
     any configuration files, please examine the file
     <tt>conf/tomcat-users.xml</tt> in your installation. That
-    file will contain the credentials to let you use this webapp.
+    file must contain the credentials to let you use this webapp.
    </p>
    <p>
-    You will need to add <tt>manager</tt> role to the config file listed above.
-    For example:
+    For example, to add the <tt>manager</tt> role to a user named
+    <tt>tomcat</tt> with a password of <tt>s3cret</tt>, add the following to the
+    config file listed above.
 <pre>
 &lt;role rolename="manager"/&gt;
 &lt;user username="tomcat" password="s3cret" roles="manager"/&gt;
 </pre>
    </p>
    <p>
+    Note that for Tomcat 7 onwards, the roles required to use the manager
+    application were changed from the single <tt>manager</tt> role to the
+    following four roles. You will need to assign the role(s) required for
+    the functionality you wish to access.
+    <ul>
+      <li><tt>manager</tt> - allows access to the HTML GUI and the status
+          pages</li>
+      <li><tt>manager-scripts</tt> - allows access to the text interface and the
+          status pages</li>
+      <li><tt>manager-jmx</tt> - allows access to the JMX proxy and the status
+          pages</li>
+      <li><tt>manager-status</tt> - allows access to the just status pages</li>
+    </ul>
+   </p>
+   <p>
     For more information - please see the
     <a href="/docs/manager-howto.html">Manager App HOW-TO</a>.
    </p>
diff --git a/webapps/manager/404.jsp b/webapps/manager/404.jsp
new file mode 100644
index 000000000..661bb67ae
--- /dev/null
+++ b/webapps/manager/404.jsp
@@ -0,0 +1,59 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<%@ page import="org.apache.catalina.util.RequestUtil" %>
+<html>
+ <head>
+  <title>404 Not found</title>
+  <style>
+    <!--
+    BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;}
+    H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
+    PRE, TT {border: 1px dotted #525D76}
+    A {color : black;}A.name {color : black;}
+    -->
+  </style>
+ </head>
+ <body>
+   <h1>404 Not found</h1>
+   <p>
+    The page you tried to access
+    (<%=RequestUtil.filter((String) request.getAttribute(
+            "javax.servlet.error.request_uri"))%>)
+    does not exist.
+   </p>
+   <p>
+    The Manager application has been re-structured for Tomcat 7 onwards and some
+    of URLs have changed. All URLs used to access the Manager application should
+    now start with one of the following options:
+    <ul>
+      <li><%=request.getContextPath()%>/html for the HTML GUI</li>
+      <li><%=request.getContextPath()%>/text for the text interface</li>
+      <li><%=request.getContextPath()%>/jmxproxy for the JMX proxy</li>
+      <li><%=request.getContextPath()%>/status for the status pages</li>
+    </ul>
+    Note that the URL for the text interface has changed from
+    &quot;<%=request.getContextPath()%>&quot; to
+    &quot;<%=request.getContextPath()%>/text&quot;.
+   </p>
+   <p>
+    You probably need to adjust the URL you are using to access the Manager
+    application. However, there is always a chance you have found a bug in the
+    Manager application. If you are sure you have found a bug, and that the bug
+    has not already been reported, please report it to the Apache Tomcat team.
+   </p>
+ </body>
+</html>
diff --git a/webapps/manager/WEB-INF/web.xml b/webapps/manager/WEB-INF/web.xml
index a067f212c..ff19a2071 100644
--- a/webapps/manager/WEB-INF/web.xml
+++ b/webapps/manager/WEB-INF/web.xml
@@ -27,12 +27,6 @@
     Manager lets you view, load/unload/etc particular web applications.
   </description>
 
-  <!-- Define the Manager Servlet
-       Change servlet-class to: org.apache.catalina.servlets.HTMLManagerServlet
-       to get a Servlet with a more intuitive HTML interface, don't change if you
-       have software that is expected to parse the output from ManagerServlet
-       since they're not compatible.
-   -->
   <servlet>
     <servlet-name>Manager</servlet-name>
     <servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
@@ -66,59 +60,7 @@
   <!-- Define the Manager Servlet Mapping -->
   <servlet-mapping>
     <servlet-name>Manager</servlet-name>
-      <url-pattern>/list</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/expire</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/sessions</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/start</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/stop</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/install</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/remove</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/deploy</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/undeploy</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/reload</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/save</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/serverinfo</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/roles</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>Manager</servlet-name>
-      <url-pattern>/resources</url-pattern>
+      <url-pattern>/text/*</url-pattern>
   </servlet-mapping>
   <servlet-mapping>
     <servlet-name>Status</servlet-name>
@@ -148,30 +90,44 @@
   </resource-env-ref>
 
   <!-- Define a Security Constraint on this Application -->
+  <!-- NOTE:  None of these roles are present in the default users file -->
   <security-constraint>
     <web-resource-collection>
-      <web-resource-name>HTMLManger and Manager command</web-resource-name>
-      <url-pattern>/jmxproxy/*</url-pattern>
+      <web-resource-name>HTML Manger interface (for humans)</web-resource-name>
       <url-pattern>/html/*</url-pattern>
-      <url-pattern>/list</url-pattern>
-      <url-pattern>/expire</url-pattern>
-      <url-pattern>/sessions</url-pattern>
-      <url-pattern>/start</url-pattern>
-      <url-pattern>/stop</url-pattern>
-      <url-pattern>/install</url-pattern>
-      <url-pattern>/remove</url-pattern>
-      <url-pattern>/deploy</url-pattern>
-      <url-pattern>/undeploy</url-pattern>
-      <url-pattern>/reload</url-pattern>
-      <url-pattern>/save</url-pattern>
-      <url-pattern>/serverinfo</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+       <role-name>manager</role-name>
+    </auth-constraint>
+  </security-constraint>
+  <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>Text Manger interface (for scripts)</web-resource-name>
+      <url-pattern>/text/*</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+       <role-name>manager-scripts</role-name>
+    </auth-constraint>
+  </security-constraint>
+  <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>JMX Proxy interface</web-resource-name>
+      <url-pattern>/jmxproxy/*</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+       <role-name>manager-jmx</role-name>
+    </auth-constraint>
+  </security-constraint>
+  <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>Status interface</web-resource-name>
       <url-pattern>/status/*</url-pattern>
-      <url-pattern>/roles</url-pattern>
-      <url-pattern>/resources</url-pattern>
     </web-resource-collection>
     <auth-constraint>
-       <!-- NOTE:  This role is not present in the default users file -->
        <role-name>manager</role-name>
+       <role-name>manager-scripts</role-name>
+       <role-name>manager-jmx</role-name>
+       <role-name>manager-status</role-name>
     </auth-constraint>
   </security-constraint>
 
@@ -184,14 +140,36 @@
   <!-- Security roles referenced by this web application -->
   <security-role>
     <description>
-      The role that is required to log in to the Manager Application
+      The role that is required to access the HTML Manager pages
     </description>
     <role-name>manager</role-name>
   </security-role>
+  <security-role>
+    <description>
+      The role that is required to access the text Manager pages
+    </description>
+    <role-name>manager-scripts</role-name>
+  </security-role>
+  <security-role>
+    <description>
+      The role that is required to access the HTML JMX Proxy
+    </description>
+    <role-name>manager-jmx</role-name>
+  </security-role>
+  <security-role>
+    <description>
+      The role that is required to access to the Manager Status pages 
+    </description>
+    <role-name>manager-status</role-name>
+  </security-role>
 
   <error-page>
     <error-code>401</error-code>
     <location>/401.jsp</location>
   </error-page>
+  <error-page>
+    <error-code>404</error-code>
+    <location>/404.jsp</location>
+  </error-page>
 
 </web-app>