Tomcat : Basic tomcat security settings

This page last changed on Sep 05, 2006 by Kees de Kooter

By default tomcat uses the MemoryRealm for authentication. You need to add two roles to be able to use the manager application.

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="tomcat"/>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="admin" password="XXXX" roles="admin,manager"/>
</tomcat-users>