You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/03/08 18:55:50 UTC

svn commit: r1734113 - in /tomcat/trunk: conf/tomcat-users.xml res/confinstall/tomcat-users_2.xml webapps/docs/changelog.xml

Author: markt
Date: Tue Mar  8 17:55:50 2016
New Revision: 1734113

URL: http://svn.apache.org/viewvc?rev=1734113&view=rev
Log:
Make it harder for users to configure the entries intended for use with the examples web application for the Manager application.

Modified:
    tomcat/trunk/conf/tomcat-users.xml
    tomcat/trunk/res/confinstall/tomcat-users_2.xml
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/conf/tomcat-users.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/conf/tomcat-users.xml (original)
+++ tomcat/trunk/conf/tomcat-users.xml Tue Mar  8 17:55:50 2016
@@ -22,18 +22,23 @@
 <!--
   NOTE:  By default, no user is included in the "manager-gui" role required
   to operate the "/manager/html" web application.  If you wish to use this app,
-  you must define such a user - the username and password are arbitrary.
+  you must define such a user - the username and password are arbitrary. It is
+  strongly recommended that you do NOT use one of the users in the commented out
+  section below since they are intended for use with the examples web
+  application.
 -->
 <!--
-  NOTE:  The sample user and role entries below are wrapped in a comment
-  and thus are ignored when reading this file. Do not forget to remove
-  <!.. ..> that surrounds them.
+  NOTE:  The sample user and role entries below are intended for use with the
+  examples web application. They are wrapped in a comment and thus are ignored
+  when reading this file. If you wish to configure these users for use with the
+  examples web application, do not forget to remove the <!.. ..> that surrounds
+  them. You will also need to set the passwords to something appropriate.
 -->
 <!--
   <role rolename="tomcat"/>
   <role rolename="role1"/>
-  <user username="tomcat" password="tomcat" roles="tomcat"/>
-  <user username="both" password="tomcat" roles="tomcat,role1"/>
-  <user username="role1" password="tomcat" roles="role1"/>
+  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
+  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
+  <user username="role1" password="<must-be-changed>" roles="role1"/>
 -->
 </tomcat-users>

Modified: tomcat/trunk/res/confinstall/tomcat-users_2.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/res/confinstall/tomcat-users_2.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/res/confinstall/tomcat-users_2.xml (original)
+++ tomcat/trunk/res/confinstall/tomcat-users_2.xml Tue Mar  8 17:55:50 2016
@@ -1,18 +1,23 @@
 <!--
   NOTE:  By default, no user is included in the "manager-gui" role required
   to operate the "/manager/html" web application.  If you wish to use this app,
-  you must define such a user - the username and password are arbitrary.
+  you must define such a user - the username and password are arbitrary. It is
+  strongly recommended that you do NOT use one of the users in the commented out
+  section below since they are intended for use with the examples web
+  application.
 -->
 <!--
-  NOTE:  The sample user and role entries below are wrapped in a comment
-  and thus are ignored when reading this file. Do not forget to remove
-  <!.. ..> that surrounds them.
+  NOTE:  The sample user and role entries below are intended for use with the
+  examples web application. They are wrapped in a comment and thus are ignored
+  when reading this file. If you wish to configure these users for use with the
+  examples web application, do not forget to remove the <!.. ..> that surrounds
+  them. You will also need to set the passwords to something appropriate.
 -->
 <!--
   <role rolename="tomcat"/>
   <role rolename="role1"/>
-  <user username="tomcat" password="tomcat" roles="tomcat"/>
-  <user username="both" password="tomcat" roles="tomcat,role1"/>
-  <user username="role1" password="tomcat" roles="role1"/>
+  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
+  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
+  <user username="role1" password="<must-be-changed>" roles="role1"/>
 -->
 </tomcat-users>

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734113&r1=1734112&r2=1734113&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Mar  8 17:55:50 2016
@@ -262,6 +262,11 @@
         pick up the Windows binaries that are based on OpenSSL 1.0.2g and APR
         1.5.1. (markt)
       </update>
+      <update>
+        Modify the default <code>tomcat-users.xml</code> file to make it harder
+        for users to configure the entries intended for use with the examples
+        web application for the Manager application. (markt)
+      </update>
     </changelog>
   </subsection>
 </section>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org