Internet Express for Tru64 UNIX Version V6.10 Release Notes (5900-1419, March 2011)
applications is limited to browsers running on the local host and requires that users successfully
authenticate themselves before access will be granted.
The local host restriction is established by access control valves in the files admin.xml and
manager.xml, located in the /usr/internet/httpd/tomcat/webapps/tomcat/admin
and /usr/internet/httpd/tomcat/webapps/tomcat/manager directories, respectively.
To modify this restriction, edit these files and change the list of allowed hosts, or delete the Valve
element entirely to remove host-based restrictions. Tomcat will need to be restarted for any changes
to take effect. Note also that the default restriction requires that a browser on the local host must
access the management applications using URLs that begin with http://localhost/. Attempts
to access the applications with URLs that begin with
http://<actual_hostname_of_local_host>/ will be rejected.
User authentication is provided by a custom realm that allows a user who successfully authenticates
as the Secure Web Server administration user to be mapped to the Tomcat user roles admin and
manager, which are the roles required to access the administration and Web application
management utilities. If this initial authentication attempt fails, the realm then attempts to authenticate
the user via Tomcat's default user authentication database, which is defined by the file
/usr/internet/httpd/tomcat/conf/tomcat-users.xml. To change the behavior of this
custom realm, modify the file /usr/internet/httpd/tomcat/conf/server.xml as necessary
and then restart Tomcat.
Tomcat Administration Application Side-Effects
When the Web-based Tomcat administration application is used to modify the Tomcat deployment,
the /usr/internet/httpd/tomcat/conf/server.xml file is updated. In the process, any
comments that were in the previous version of the file are stripped out. The ordering of elements
within the file may also change, and some default elements that were not explicitly specified in
the previous version of the file may be present in the newer version.
Saving changes made through the administration application will also cause Context elements for
each deployed application to be written out to the main server.xml file. If the applications had
been originally deployed as the result of the presence of application-specific xml files in the
/usr/internet/httpd/tomcat/webapps directory, those files will thereafter be ignored and
Tomcat will use the Context elements in the main server.xml file as the sole sources for application
deployment information.
Apache Axis Client Requirement When Using Java 1.4.x
When using Axis with Java 1.4.x, client code may output the following exception:
NoClassDefFoundError: javax/servlet/ServletContext
Use Java 1.3.x or include an implementation of the Java Servlet API (servlet.jar) in your
classpath. A servlet.jar file is installed with the Tomcat subset (IAETOMCAT) in the
/usr/internet/httpd/tomcat/common/lib directory.
Axis AdminClient, Command- Line Tool May Fail on a Cluster
By default the Axis server is configured to only allow administration requests, that is, to deploy or
undeploy services, from the localhost. This will cause Unauthorized error messages when the Axis
administration request originates on a different node than that which the Tomcat instance is running.
To avoid this problem, make sure to run the AdminClient from the same node on which Tomcat is
running. Alternatively, you may enable remote administration which will allow requests from all
hosts. To enable remote administration, edit the file
/usr/internet/xml/axis/webapp/WEB-INF/server-config.wsdd and change the
parameter value for "enableRemoteAdmin" to "true" for the service "AdminService". Restart the
Tomcat instance for the changes to take effect.
Tomcat Administration Application Side-Effects 7