You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/03/08 18:55:50 UTC
svn commit: r1734113 - in /tomcat/trunk: conf/tomcat-users.xml
res/confinstall/tomcat-users_2.xml webapps/docs/changelog.xml
Author: markt
Date: Tue Mar 8 17:55:50 2016
New Revision: 1734113
URL: http://svn.apache.org/viewvc?rev=1734113&view=rev
Log:
Make it harder for users to configure the entries intended for use with the examples web application for the Manager application.
Modified:
tomcat/trunk/conf/tomcat-users.xml
tomcat/trunk/res/confinstall/tomcat-users_2.xml
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/conf/tomcat-users.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/conf/tomcat-users.xml (original)
+++ tomcat/trunk/conf/tomcat-users.xml Tue Mar 8 17:55:50 2016
@@ -22,18 +22,23 @@
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
- you must define such a user - the username and password are arbitrary.
+ you must define such a user - the username and password are arbitrary. It is
+ strongly recommended that you do NOT use one of the users in the commented out
+ section below since they are intended for use with the examples web
+ application.
-->
<!--
- NOTE: The sample user and role entries below are wrapped in a comment
- and thus are ignored when reading this file. Do not forget to remove
- <!.. ..> that surrounds them.
+ NOTE: The sample user and role entries below are intended for use with the
+ examples web application. They are wrapped in a comment and thus are ignored
+ when reading this file. If you wish to configure these users for use with the
+ examples web application, do not forget to remove the <!.. ..> that surrounds
+ them. You will also need to set the passwords to something appropriate.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
- <user username="tomcat" password="tomcat" roles="tomcat"/>
- <user username="both" password="tomcat" roles="tomcat,role1"/>
- <user username="role1" password="tomcat" roles="role1"/>
+ <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
+ <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
+ <user username="role1" password="<must-be-changed>" roles="role1"/>
-->
</tomcat-users>
Modified: tomcat/trunk/res/confinstall/tomcat-users_2.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/res/confinstall/tomcat-users_2.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/res/confinstall/tomcat-users_2.xml (original)
+++ tomcat/trunk/res/confinstall/tomcat-users_2.xml Tue Mar 8 17:55:50 2016
@@ -1,18 +1,23 @@
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
- you must define such a user - the username and password are arbitrary.
+ you must define such a user - the username and password are arbitrary. It is
+ strongly recommended that you do NOT use one of the users in the commented out
+ section below since they are intended for use with the examples web
+ application.
-->
<!--
- NOTE: The sample user and role entries below are wrapped in a comment
- and thus are ignored when reading this file. Do not forget to remove
- <!.. ..> that surrounds them.
+ NOTE: The sample user and role entries below are intended for use with the
+ examples web application. They are wrapped in a comment and thus are ignored
+ when reading this file. If you wish to configure these users for use with the
+ examples web application, do not forget to remove the <!.. ..> that surrounds
+ them. You will also need to set the passwords to something appropriate.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
- <user username="tomcat" password="tomcat" roles="tomcat"/>
- <user username="both" password="tomcat" roles="tomcat,role1"/>
- <user username="role1" password="tomcat" roles="role1"/>
+ <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
+ <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
+ <user username="role1" password="<must-be-changed>" roles="role1"/>
-->
</tomcat-users>
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Mar 8 17:55:50 2016
@@ -262,6 +262,11 @@
pick up the Windows binaries that are based on OpenSSL 1.0.2g and APR
1.5.1. (markt)
</update>
+ <update>
+ Modify the default <code>tomcat-users.xml</code> file to make it harder
+ for users to configure the entries intended for use with the examples
+ web application for the Manager application. (markt)
+ </update>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org