tomcat用户角色权限配置文件为:tomcat/conf/tomcat-user.xml
默认未开启用户配置如下:
<tomcat-users> <!-- NOTE: By default, no user is included in the "manager-gui" role required to operate the "/manager/html" web application. If you wish to use this app, you must define such a user - the username and password are arbitrary. It is strongly recommended that you do NOT use one of the users in the commented out section below since they are intended for use with the examples web application. --> <!-- NOTE: The sample user and role entries below are intended for use with the examples web application. They are wrapped in a comment and thus are ignored when reading this file. If you wish to configure these users for use with the examples web application, do not forget to remove the <!.. ..> that surrounds them. You will also need to set the passwords to something appropriate. --> <!-- <role rolename="tomcat"/> <role rolename="role1"/> <user username="tomcat" password="<must-be-changed>" roles="tomcat"/> <user username="both" password="<must-be-changed>" roles="tomcat,role1"/> <user username="role1" password="<must-be-changed>" roles="role1"/> --> </tomcat-users>
配置用户要打开role及user节点
如配置为以下内容:
<tomcat-users> <role rolename="tomcat"/> <role rolename="role1"/> <role rolename="manager-script"/> <role rolename="manager-gui"/> <role rolename="manager-status"/> <role rolename="admin-gui"/> <role rolename="admin-script"/> <user username="tomcat" password="tomcat" roles="manager-gui,manager-script,tomcat,admin-gui,admin-script"/> </tomcat-users>
角色权限说明如下:
权限说明 admin-gui — 可访问 "host管理" 页面,但"APP管理" 和 "服务器状态" 页面无查看权限 manager-gui — 无 "host管理" 页面访问权限,有"APP管理" 和 "服务器状态" 页面查看权限 manager-status — 只有"服务器状态" 页面查看权限 manager-script — 有脚本方式管理接口访问权限和"服务器状态" 页面查看权限 manager-jmx — JMX 代理接口访问权限和"服务器状态" 页面查看权限 admin-script — 只有host-manager脚本方式管理接口访问权限