Jahia Install Forum > Tomcat-installation:...

0 (0 Good)
0 (0 Bad)

Tomcat-installation: User

by  gregor »  2011/06/07 20:53

 

Hi again,

 

one more question:

In [Jahia-Installation-Directory]/conf/tomcat-users.xml I find the following entry:

 

<?xml version='1.0' encoding='utf-8'?>

<tomcat-users>

  <role rolename="manager"/>

  <user username="Jahia" password="DJnn3N4dvdCQLDX" roles="manager"/>

</tomcat-users>

This applies for both the CE and the EE - only the passwords specified are different.

Could somebody please explain what this user is needed for? Since we figure that it's not the best practice specifying users in Tomcat within a memory-realm, we'd like to remove that one if possible. If it's still needed, we'd prefer to create a db-realm with md5-encryption for that purpose.

 

TIA

 

Gregor

  • Tomcat-installation: User
    2011/07/08 08:00

    gregor <p> &nbsp;</p> <p> <title></title> </p> <p> Hi again,</p> <p> &nbsp;</p> <p> one more question:</p> <p> In [Jahia-Installation-Directory]/conf/tomcat-users.xml I find the following entry:</p> <p> &nbsp;</p> <pre> &lt;?xml version=&#39;1.0&#39; encoding=&#39;utf-8&#39;?&gt; &lt;tomcat-users&gt; &lt;role rolename=&quot;manager&quot;/&gt; &lt;user username=&quot;Jahia&quot; password=&quot;DJnn3N4dvdCQLDX&quot; roles=&quot;manager&quot;/&gt; &lt;/tomcat-users&gt;</pre> <p> This applies for both the CE and the EE - only the passwords specified are different.</p> <p> Could somebody please explain what this user is needed for? Since we figure that it&#39;s not the best practice specifying users in Tomcat within a memory-realm, we&#39;d like to remove that one if possible. If it&#39;s still needed, we&#39;d prefer to create a db-realm with md5-encryption for that purpose.</p> <p> &nbsp;</p> <p> TIA</p> <p> &nbsp;</p> <p> Gregor</p>

  • Number of messages  11
    Registration date Jun 7, 2011
    0 (0 Good)
    0 (0 Bad)

    Re: Tomcat-installation: User

    by  wassek »  2011/06/07 20:53

    Hi Gregor,


    The Tomcat user Jahia with role manager can be used for some special Jahia Features like the JAM monitoring report and the preCompileServlet.

    E.g. you can try to call http://server:port/preCompileServlet so you must enter this User and password.

    It is specified in the web.xml.

    Additional exists in web.xml another role: jahiaManager
    We didn't create a default user for this role because with this role you can use more jahia features like viewCache, tools, etc.
    But this features are administration features and shouldn't be reachable per default.

    So the sense of this user is to safe some jahia servlets. But if you don't need the preCompileServlet or the JAM monitoring report. You can remove the user from the tomcat-users.xml

    best regards
    Werner

    Werner Assek (wassek)

    Number of messages  26
    Registration date
    Contact
    Share
    Feedback

    Get in touch

    Whether you are a current user or if you are just evaluating Jahia, we are here to help.

    Contact us

    Share this page