You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dick Eastlake <di...@yahoo.com> on 2009/06/09 03:54:50 UTC
Starting Tomcat 6.0
I currently start Tomcat with the Procrun Service Manager.
It's an app called Apache Tomcat Properties with six tabbed forms: general, log on, logging, java, startup and shutdown.
To start Tomcat I press the start button in the general tab.
I want to experiment with security, lock down a directory so that only authenticated users can get the pages, etc.
The doc says I need to:
Starting Tomcat With A SecurityManager
Once you have configured the catalina.policy file for use
with a SecurityManager, Tomcat can be started with a SecurityManager in
place by using the "-security" option:
%CATALINA_HOME%\bin\catalina start -security (Windows)
Unfortunately, I need more specific instructions on how to do this (not the policy file changes, just the start part.) I'm on Windows XP Pro SP3
Please and thank you.
Re: Starting Tomcat 6.0
Posted by André Warnier <aw...@ice-sa.com>.
Konstantin Kolinko wrote:
> 2009/6/9 Dick Eastlake <di...@yahoo.com>:
...
Konstantin,
unless I am mistaken, the OP is just trying to protect some *pages* from
non-authenticated access.
You don't need the Security Manager for that, just stuff like
<security-constraint> in the webapp's web.xml, no ?
The Security Manager is more for stopping some rogue webapps from doing
things they should not, but has little to do with protecting pages or
requiring authentication.
Dick, have a look on your system around here :
C:\Tomcat5.5\server\webapps\manager\WEB-INF
(adapt the path for your system and version).
At the end of the web.xml file there, there is a section
<security-constraint>. That is the kind of thing you have to do, I believe.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Starting Tomcat 6.0
Posted by Konstantin Kolinko <kn...@gmail.com>.
2009/6/9 Dick Eastlake <di...@yahoo.com>:
> I currently start Tomcat with the Procrun Service Manager.
>
> It's an app called Apache Tomcat Properties with six tabbed forms: general, log on, logging, java, startup and shutdown.
>
> To start Tomcat I press the start button in the general tab.
>
> I want to experiment with security, lock down a directory so that only authenticated users can get the pages, etc.
>
> The doc says I need to:
> Starting Tomcat With A SecurityManager
>
> Once you have configured the catalina.policy file for use
> with a SecurityManager, Tomcat can be started with a SecurityManager in
> place by using the "-security" option:
>
> %CATALINA_HOME%\bin\catalina start -security (Windows)
>
> Unfortunately, I need more specific instructions on how to do this (not the policy file changes, just the start part.) I'm on Windows XP Pro SP3
>
> Please and thank you.
>
Switch to the "Java" tab and add the following two lines
into the "Java Options" field:
-Djava.security.manager
-Djava.security.policy==C:\Program Files\Apache Software
Foundation\Tomcat 6.0\conf\catalina.policy
Notes:
1. Adjust the path according to your configuration
2. There are two equal signs in the second line. That is as intended.
(If interested, see "Specifying an Additional Policy File at Runtime"
here:
http://java.sun.com/javase/6/docs/technotes/guides/security/PolicyFiles.html#DefaultLocs
)
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org