17.10. Web-Based Management and AdministrationAmong the many other nice features provided with Tomcat are a complete set of Web-based monitoring and configuration tools. These are protected by security, so the first thing that must be done to use them is to create a user with the right security roles. Assuming the UserDatabaseRealm is being used, this can be done by adding <user name="admin" password="admin" roles="standard,manager,admin" /> to tomcat-users.xml. There is nothing special about the username or password used here; any value could be chosen. Given the potential for abuse of these services, they should normally be disabled in a production server or at least protected by something stronger than a username and password. This is a good candidate for a client certificate. The administration page is located at http://localhost:8080/admin and is shown in Figure 17.3. As the figure shows, much of Tomcat's configuration, both global and that of individual Web applications, can be viewed from this screen. In particular the figure shows the values of the environment variables used in the previous section. Figure 17.3. The administration page.Figure 17.4. The control page.The management status is available at http://localhost:8080/manager/status and is shown in Figure 17.5. Figure 17.5. The status page.
|
![[View full size image]](/image/library/english/13872_17fig04_alt.jpg;380138){kind=link}
![[View full size image]](/image/library/english/13872_17fig05_alt.jpg;380138){kind=link}