z/OS DFSMSrmm Implementation and Customization Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Basic authentication

z/OS DFSMSrmm Implementation and Customization Guide
SC23-6874-00

Only users assigned to a specific role are authorized to consume the web service identified by this role. The role-name for this web service is "master", hence the mapping file $CATALINA_HOME/conf/tomcat-users.xml must be updated by the new role-tag, carrying the attribute rolename="master", and new corresponding user-tags, as desired.

To make this file editable under z/OS, tag the file as ASCII and back to EBCDIC again when done, by these commands: 
chtag -tc ISO8859-1 $CATALINA_HOME/conf/tomcat-users.xml
chtag -tc IBM-1047 $CATALINA_HOME/conf/tomcat-users.xml
In this example a new user "myuser/mypassword" is mapped to roles "master" and "manager": 
<xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="master"/>
  <role rolename="manager"/>
  <user username="myuser" password="mypassword" roles="master,manager"/>
</tomcat-users>

Restart Tomcat to activate the changes.

Note: The Basic Authentication is a weak security scheme. Passwords are entered as plain text within tomcat-users.xml and further precautions are needed to prevent unauthorized access to this file. Although better than nothing, this security method is not recommended.
Parent topic: Authentication and authorization

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014