User Role Manager
The User Role Manager is an administrative tool for creating user accounts and assigning administrative roles without having to edit the Tomcat/conf/tomcat-users.xml file directly. The intended audience for this article is MIRC system administrators.
To access the URM, click the User Role Manager button on the admin page of any storage service on the server. All storage services on a server (e.g., a specific Tomcat instance) link to the same URM, and the URM manages all the users on the server. The URM page looks like this:
- The left column is the username.
- The right column is the user's password. The column is not listed because the page is sent in clear text and there is no sense drawing a hacker's attention. In a future release, the URM can be changed to use SSL.
- The users listed are those that are currently in the tomcat-users.xml file.
- The roles listed are the administrative roles that are possessed by a current user or ones that appear in the entity definitions in the web.xml files of any of the storage services on the server. Administrative roles are those that confer access privileges to servlets on the system. They are distinguished from the roles that define groups in that administrative roles can only be granted by administrators while groups can be created by users.
Users are listed in alphabetical order, so when you add one, it will not necessarily appear at the bottom of the listing after you click the Update button.
When the URM receives a post of the form, it updates the tomcat-users.xml file.
- Any user with no assigned roles is deleted from the list.
- Any line with a blank username is not processed.
When you create a user, make sure to assign the user at least one role by clicking a checkbox in the row with the user’s name and password; otherwise, when you click Update, the addition will not be processed. You can add one user per click of the Update button.
In sites running the Smart Memory Realm (all sites after MIRC release T28), the changes become effective within one minute.
Parenthetical note to avoid confusion: When Tomcat is installed, it comes with several users (e.g. manager) and roles (e.g. role1) in the tomcat-users.xml file. They are examples to demonstrate the use of the Manager webapp. You can delete them, if you want, using the URM.