  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
  NOTE:  The sample user and role entries below are wrapped in a comment
  and thus are ignored when reading this file. Do not forget to remove
  <!.. ..> that surrounds them.
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="poweruser"/>
  <role rolename="probeuser"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>


  <user username="sss" password="sss" roles="manager-gui"/>
  <user username="fbysss" password="sss" roles="manager-script,manager-jmx,manager-status,poweruser,probeuser"/>








Note that for Tomcat 6.0.30 onwards, the roles required to use the manager application were changed from the single manager role to add the following four roles. (The manager role is still available but should not be used as it avoids the CSRF protection). You will need to assign the role(s) required for the functionality you wish to access. manager-gui - allows access to the HTML GUI and the status pages manager-script - allows access to the text interface and the status pages manager-jmx - allows access to the JMX proxy and the status pages manager-status - allows access to the status pages only The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection: users with the manager-gui role should not be granted either the manager-script or manager-jmx roles. if the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.








5.如果要查看System Information,需要在catalina.sh中加入如下语句:




windows版本:catalina.bat中加入SET JAVA_OPTS=%JAVA_OPTS%




probe有 probeuser、poweruser、poweruserplus、manager(针对不同tomcat版本)等角色,对应可操作的功能如下表:




Features by Role



  probeuser poweruser poweruserplus manager
Context: list X X X X
Context: status X X X X
Context: view servlets X X X X
Context: view servlet mappings X X X X
Context: view filters X X X X
Context: view filter mappings X X X X
Context: list attributes X X X X
Context: remove attributes   X X X
Context: start   X X X
Context: stop   X X X
Context: view web.xml   X X X
Context: view context.xml       X
Context: deploy       X
Context: undeploy       X
Session: list X X X X
Session: list attributes X X X X
Session: search attributes X X X X
Session: remove attributes   X X X
Session: view last-accessed IP X X X X
Session: expire single   X X X
Session: expire multiple   X X X
JSP: list   X X X
JSP: view source   X X X
JSP: view servlet source   X X X
JSP: compile single   X X X
JSP: compile multiple   X X X
JSP: compile all on deployment       X
JSP: discard all compiled       X
Data Source: list X X X X
Data Source: group by JDBC URL X X X X
Data Source: status X X X X
Data Source: reset   X X X
Data Source: test     X X
Data Source: view query history     X X
Data Source: execute SQL     X X
Log: list X X X X
Log: tail in real-time X X X X
Log: download X X X X
Thread: list X X X X
Thread: view execution stack   X X X
Thread: kill       X
Connector: status X X X X
Connector: real-time usage charts X X X X
Cluster: status X X X X
Cluster: real-time traffic charts X X X X
JVM: real-time memory usage charts X X X X
JVM: status X X X X
JVM: advise GC       X
Java Service Wrapper: status X X X X
Java Service Wrapper: restart JVM       X
System: overview X X X X
System: properties X X X X
System: OS details       X
Quick Check: execute       X



