Hi all,
I'm trying to configure Tomcat so that a separate login is required to
deploy certain apps. Let's say I have a '/someapp' context, which I
would like 'someuser' to deploy remotely. However, 'someuser' cannot
deploy apps to '/someotherapp', and conversely, 'someotheruser' cannot
touch '/someapp'.
So far, I tried to add a Context to server.xml (I know it's discouraged)
for the app, containing a memory realm that has its own user list:
<Context path="/someapp" docBase="someapp">
<Realm className="org.apache.catalina.realm.MemoryRealm"
pathname="conf/realm.someapp.xml" />
</Context>
The file realm.someapp.xml simply contains:
<tomcat-users>
<user username="someuser" password="secret"
roles="manager-script"/>
</tomcat-users>
But now, I'm mostly stuck. I'm guessing 'someuser' would also have to
have access to the manager app in order to deploy, but that would mean
that this user would also have management access to other people's apps.
I assume I'm doing something fundamentally wrong here, but the docs
don't seem to cover this sort of thing explicitly. I guess I could
create separate hosts for each app and user, but that seems tedious and
unnecessary.
Any pointers? Thanks.
Kind regards,
--
Tim De Pauw <tim.dep...@hogent.be>
Vakgroep Informatica
Geassocieerde faculteit Toegepaste Ingenieurswetenschappen
Hogeschool Gent
http://tiwi.be/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
