<?xml version="1.0" encoding="UTF-8"?>
|
<!--
|
Licensed to the Apache Software Foundation (ASF) under one or more
|
contributor license agreements. See the NOTICE file distributed with
|
this work for additional information regarding copyright ownership.
|
The ASF licenses this file to You under the Apache License, Version 2.0
|
(the "License"); you may not use this file except in compliance with
|
the License. You may obtain a copy of the License at
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
Unless required by applicable law or agreed to in writing, software
|
distributed under the License is distributed on an "AS IS" BASIS,
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
See the License for the specific language governing permissions and
|
limitations under the License.
|
-->
|
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
|
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
|
version="3.1"
|
metadata-complete="true">
|
|
<display-name>Tomcat Manager Application</display-name>
|
<description>
|
A scriptable management web application for the Tomcat Web Server;
|
Manager lets you view, load/unload/etc particular web applications.
|
</description>
|
|
<servlet>
|
<servlet-name>Manager</servlet-name>
|
<servlet-class>org.apache.catalina.manager.ManagerServlet</servlet-class>
|
<init-param>
|
<param-name>debug</param-name>
|
<param-value>2</param-value>
|
</init-param>
|
</servlet>
|
<servlet>
|
<servlet-name>HTMLManager</servlet-name>
|
<servlet-class>org.apache.catalina.manager.HTMLManagerServlet</servlet-class>
|
<init-param>
|
<param-name>debug</param-name>
|
<param-value>2</param-value>
|
</init-param>
|
<!-- Uncomment this to show proxy sessions from the Backup manager or a
|
StoreManager in the sessions list for an application
|
<init-param>
|
<param-name>showProxySessions</param-name>
|
<param-value>true</param-value>
|
</init-param>
|
-->
|
<multipart-config>
|
<!-- 50MB max -->
|
<max-file-size>52428800</max-file-size>
|
<max-request-size>52428800</max-request-size>
|
<file-size-threshold>0</file-size-threshold>
|
</multipart-config>
|
</servlet>
|
<servlet>
|
<servlet-name>Status</servlet-name>
|
<servlet-class>org.apache.catalina.manager.StatusManagerServlet</servlet-class>
|
<init-param>
|
<param-name>debug</param-name>
|
<param-value>0</param-value>
|
</init-param>
|
</servlet>
|
|
<servlet>
|
<servlet-name>JMXProxy</servlet-name>
|
<servlet-class>org.apache.catalina.manager.JMXProxyServlet</servlet-class>
|
</servlet>
|
|
<!-- Define the Manager Servlet Mapping -->
|
<servlet-mapping>
|
<servlet-name>Manager</servlet-name>
|
<url-pattern>/text/*</url-pattern>
|
</servlet-mapping>
|
<servlet-mapping>
|
<servlet-name>Status</servlet-name>
|
<url-pattern>/status/*</url-pattern>
|
</servlet-mapping>
|
<servlet-mapping>
|
<servlet-name>JMXProxy</servlet-name>
|
<url-pattern>/jmxproxy/*</url-pattern>
|
</servlet-mapping>
|
<servlet-mapping>
|
<servlet-name>HTMLManager</servlet-name>
|
<url-pattern>/html/*</url-pattern>
|
</servlet-mapping>
|
|
<filter>
|
<filter-name>SetCharacterEncoding</filter-name>
|
<filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
|
<init-param>
|
<param-name>encoding</param-name>
|
<param-value>UTF-8</param-value>
|
</init-param>
|
</filter>
|
|
<filter-mapping>
|
<filter-name>SetCharacterEncoding</filter-name>
|
<url-pattern>/*</url-pattern>
|
</filter-mapping>
|
|
<filter>
|
<filter-name>CSRF</filter-name>
|
<filter-class>org.apache.catalina.filters.CsrfPreventionFilter</filter-class>
|
<init-param>
|
<param-name>entryPoints</param-name>
|
<param-value>/html,/html/,/html/list,/index.jsp</param-value>
|
</init-param>
|
</filter>
|
|
<!-- Configured to set X-FRAME-OPTIONS. Disable HSTS in case it interferes -->
|
<!-- with an existing setting. Keep X-Content-Type-Options and -->
|
<!-- X-XSS-Protection as they are page specific. -->
|
<filter>
|
<filter-name>HTTP header security filter</filter-name>
|
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
<init-param>
|
<param-name>hstsEnabled</param-name>
|
<param-value>false</param-value>
|
</init-param>
|
</filter>
|
|
<filter-mapping>
|
<filter-name>CSRF</filter-name>
|
<servlet-name>HTMLManager</servlet-name>
|
</filter-mapping>
|
|
<filter-mapping>
|
<filter-name>HTTP header security filter</filter-name>
|
<url-pattern>/*</url-pattern>
|
</filter-mapping>
|
|
<!-- Define a Security Constraint on this Application -->
|
<!-- NOTE: None of these roles are present in the default users file -->
|
<security-constraint>
|
<web-resource-collection>
|
<web-resource-name>HTML Manager interface (for humans)</web-resource-name>
|
<url-pattern>/html/*</url-pattern>
|
</web-resource-collection>
|
<auth-constraint>
|
<role-name>manager-gui</role-name>
|
</auth-constraint>
|
</security-constraint>
|
<security-constraint>
|
<web-resource-collection>
|
<web-resource-name>Text Manager interface (for scripts)</web-resource-name>
|
<url-pattern>/text/*</url-pattern>
|
</web-resource-collection>
|
<auth-constraint>
|
<role-name>manager-script</role-name>
|
</auth-constraint>
|
</security-constraint>
|
<security-constraint>
|
<web-resource-collection>
|
<web-resource-name>JMX Proxy interface</web-resource-name>
|
<url-pattern>/jmxproxy/*</url-pattern>
|
</web-resource-collection>
|
<auth-constraint>
|
<role-name>manager-jmx</role-name>
|
</auth-constraint>
|
</security-constraint>
|
<security-constraint>
|
<web-resource-collection>
|
<web-resource-name>Status interface</web-resource-name>
|
<url-pattern>/status/*</url-pattern>
|
</web-resource-collection>
|
<auth-constraint>
|
<role-name>manager-gui</role-name>
|
<role-name>manager-script</role-name>
|
<role-name>manager-jmx</role-name>
|
<role-name>manager-status</role-name>
|
</auth-constraint>
|
</security-constraint>
|
|
<!-- Define the Login Configuration for this Application -->
|
<login-config>
|
<auth-method>BASIC</auth-method>
|
<realm-name>Tomcat Manager Application</realm-name>
|
</login-config>
|
|
<!-- Security roles referenced by this web application -->
|
<security-role>
|
<description>
|
The role that is required to access the HTML Manager pages
|
</description>
|
<role-name>manager-gui</role-name>
|
</security-role>
|
<security-role>
|
<description>
|
The role that is required to access the text Manager pages
|
</description>
|
<role-name>manager-script</role-name>
|
</security-role>
|
<security-role>
|
<description>
|
The role that is required to access the HTML JMX Proxy
|
</description>
|
<role-name>manager-jmx</role-name>
|
</security-role>
|
<security-role>
|
<description>
|
The role that is required to access to the Manager Status pages
|
</description>
|
<role-name>manager-status</role-name>
|
</security-role>
|
|
<error-page>
|
<error-code>401</error-code>
|
<location>/WEB-INF/jsp/401.jsp</location>
|
</error-page>
|
<error-page>
|
<error-code>403</error-code>
|
<location>/WEB-INF/jsp/403.jsp</location>
|
</error-page>
|
<error-page>
|
<error-code>404</error-code>
|
<location>/WEB-INF/jsp/404.jsp</location>
|
</error-page>
|
|
</web-app>
|
