This lately (past 6 months) has been becoming a more common request. But the
functionality is not there as distributed by tomcat. Patches welcome.

Alternatives include:
- Adding a filter to the manager app for finer grained control
- Rewriting manager to allow its namespace to be authorized via web.xml's
security constraints
- Creating another webapp which does all authorization then calls the manager
app via a nested HttpRequest

-Tim

Florian Ebeling wrote:

> Hi there,
>
> I wonder if there is any means to give users access to the manager
> application, but let them only manipulate contexts located within their
> own virtual <Host>s?
>
> I think this question is one every ISP has to stumble across, provided
> he doesn't want to get "please restart ..." mails all day long and
> restart them manually.
>
> I got a bit angry with my provider because he offers "Java server," but
> he thaught JSP was everything there was to it. When I told him about
> Contexts he was not really prepared. Still he's willing to solve it. So
> I tried to figure it out by googling, browsing mail archives, etc. But,
> it has not yet become apparent to me how ISPs are supposed to set up
> tomcat4 to serve several virtual hosts. I told him to define one Host
> for me and he did so. It works, but this is not really sufficient for an
> ISP. It is unclear to me how to deploy and reload applications remotely,
> in a by-host manner.
>
> Is there a tomcat-based solution out there, or is it necessary to work
> around it, somehow? (For example by invoking a small script local to the
> server via some custom "admin" page link, or something.)
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)