You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Farid Hamjavar <ha...@unm.edu> on 2009/04/13 17:54:49 UTC
Removal of (or disable) /admin for the user manager
Tomcat 5.5.23 on Linux
Hello,
I have a question in reference to Tomcat's
Tomcat Manager's default page 'Tomcat Web Application Manager'
When I log in, as user 'manager' to that page I like to either:
1) remove the row '/admin' all together,
2) if I can not do that, I at least like to
prevent the ability to do any of the actions
mentioned in the 'commands' column (start/stop ,etc,etc).
Is there an easy way (if at all) to achieve this?
Thank you,
Farid
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Removal of (or disable) /admin for the user manager
Posted by Farid Hamjavar <ha...@unm.edu>.
On 04/13/2009 10:30 AM, Caldarale, Charles R wrote:
>> From: Farid Hamjavar [mailto:hamjavar@unm.edu]
>> Subject: Removal of (or disable) /admin for the user manager
>>
>> 1) remove the row '/admin' all together,
>>
>> 2) if I can not do that, I at least like to
>> prevent the ability to do any of the actions
>> mentioned in the 'commands' column (start/stop ,etc,etc).
>
> Do you want to eliminate the admin webapp completely, or just prevent its manipulation via the manager webapp?
Either would be fine.
>
> Since access to the manager webapp is already controlled, what purpose does this serve?
Tomcat default users 'admin' and 'manager' are different entities and
I just don't think person who logs in as 'manager' to manage one or more
webapps should also be able to shutdown the server
as is the default case.
Farid
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Removal of (or disable) /admin for the user manager
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Farid Hamjavar [mailto:hamjavar@unm.edu]
> Subject: Removal of (or disable) /admin for the user manager
>
> 1) remove the row '/admin' all together,
>
> 2) if I can not do that, I at least like to
> prevent the ability to do any of the actions
> mentioned in the 'commands' column (start/stop ,etc,etc).
Do you want to eliminate the admin webapp completely, or just prevent its manipulation via the manager webapp?
Since access to the manager webapp is already controlled, what purpose does this serve?
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org