Skip to main content

Tomcat Security and User Accounts

Security and User Accounts

  • If we need to access the Tomcat WebApplications then we need to setup some user accounts.
  • For this we need to edit the conf/tomcat-users.xml
  • At the bottom of this file we can find some roles and user accounts
  • Let us add some new roles and users now
    • Adding tomcat,manager, manager-gui, admin-gui roles
     <role rolename="tomcat"/>
     <role rolename="manager"/>
     <role rolename="manager-gui"/>
     <role rolename="admin-gui"/>
    
    • Adding admintom user
     <user username="admintom" password="s3cret" roles="manager,manager-gui,admin-gui"/>
    
  • Now setting up your Hostname / IP to your server instead of localhost
    • Open conf/server.xml and edit the following lines to add your Hostname
     Find the line starts with Engine and change the value of defaultHost
     <Engine name="Catalina" defaultHost="dev02.linux-library.com">
     
     Find the line starts with Host change the value of name to your hostname same as above
     <Host name="dev02.linux-library.com"  appBase="webapps"
    
  • If you want to access the tomcat manager from other than your local machine then you need to allow those IP ranges
    • To allow IPs to access manager edit webapps/manager/META-INF/context.xml file
    NOTE: If you want to access the app from a host of Class-A IP then you should add 10.\d+.\d+.\d+ to the allow directive That should look like below. I have allowed Class-A as well as Class-C ranges
     allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|10\.\d+\.\d+\.\d+|192\.168\.1\.\d+" />
    
    • In the same way you can allow access to you hostmanager too.
    • Open webapps/host-manager/META-INF/context.xml and edit same as above

Comments

Popular posts from this blog

Troubleshooting Tomcat using Catalina log

Troubleshooting Tomcat using Catalina log We can get the  catalina  logs in  $CATALINA_HOME/logs Here we'll have a  catalina.out We can see some huge info in that log file. If we want to what exactly happens since the start of tomcat then we need to log that into a new file. By default we have log rotation enabled on this logs. For now let us stop tomcat and nullify the catalina.out file and then start tomcat to have some new info in the catalina.out # service tomcat stop # cd $CATALINA_HOME/logs # :> catalina.out (or) cat /dev/null > catalina.out # ll catalina.out -rw-r----- 1 root root 0 Feb 18 16:19 catalina.out # service tomcat start # ll catalina.out -rw-r----- 1 root root 17341 Feb 18 16:21 catalina.out We can see the log being written after the start of tomcat. Now we can notice the instance giving some information about the starting of tomcat, about the configuration for the startup, path of the servlet instance for which the log is re...

Ansible Installation Steps Red Hat Enterprise Linux 7

Ansible is a simple IT automation engine that automates provisioning, configuration management, application deployment and many other IT needs.  Designed for multi-tier deployments, ansible models your IT infrastructure by describing how all of your systems interrelate, rather than just managing one system at a time. In this Article we are going to learn Ansible Installation Steps Red Hat Enterprise Linux 7 – RHEL 7. It uses no agents and no additional custom security infrastructure, so it’s easy to deploy – and most importantly, it uses a very simple language YAML that allow you to describe your automation jobs in a way that approaches plain English. Ansible Architecture Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules” to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules using SSH Protocol, and removes them when finished. Your library of modul...

RHVH 4.1 Installation Steps for Red Hat Virtualization Host

Red Hat Virtualization Host (RHVH 4.1) is installed using a special build ( Download Link )of Red Hat Enterprise Linux with only the packages required to host virtual machines. It uses an Anaconda installation interface based on the one used by Red Hat Enterprise Linux hosts, and can be updated through the Red Hat Virtualization Manager or via yum. Using the yum command is the only way to install additional packages and have them persist after an upgrade. In this article we are going to see RHVH 4.1 installation RHVH features a Web interface for monitoring the host’s resources and performing administrative tasks. Direct access to RHVH via SSH or console is not supported, so the Cockpit user interface provides a graphical user interface for tasks that are performed before the host is added to the Red Hat Virtualization Manager, such as configuring networking and deploying a self-hosted engine, and can also be used to run terminal commands via the  Tools > Terminal. Access t...