Tomcat user manager access

chrismfz

Well-Known Member
Jul 4, 2007
125
1
68
Greece
cPanel Access Level
DataCenter Provider
Is it possible to create a tomcat user for manager-gui only
and somehow he will able to view only /manager for his domain only using roles or something else?

I didn't get it, I can create a user with manager-gui access only
and I can see his apps with his.domain.tld:8080/manager
That's good ok,

but he can also see any.other.domain.on.server:8080/manager
and mess around with them.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

What version of Tomcat is installed on your system? You can review the roles assigned to the user in the following file:

Code:
/usr/local/jakarta/tomcat/conf/tomcat-users.xml
Thank you.
 

chrismfz

Well-Known Member
Jul 4, 2007
125
1
68
Greece
cPanel Access Level
DataCenter Provider
Hello :)

What version of Tomcat is installed on your system? You can review the roles assigned to the user in the following file:

Code:
/usr/local/jakarta/tomcat/conf/tomcat-users.xml
Thank you.
Hello there! I think I explained it wrong! Sorry!

I've created a user, and he can see his apps from his domain:8080/manager.

The thing is, he can see with his username/password any other app on the server or the main hostname
just adding :8080/manager to the hostname or any other domain.


That is what I try to avoid. I don't know if there is a solution about this.

Version is 7, tomcat-users.xml is something like:

<role rolename="manager-gui"/>
<user username="user_here" password="password" roles="manager-gui"/>

Can I give a user specific access only to one domain (his own domain) for /manager ?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
I'm under the impression that behavior is by design. However, feel free to open a support ticket and we can ensure it's functioning as expected. Post the ticket number here and we can update this thread with the outcome.

Thank you.