Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon
Labs

Adding a User to Tomcat

Welcome to this hands-on lab for adding users to Tomcat 9 using Red Hat Enterprise 8. Apache's Tomcat is a Java based application platform built around deploying and managing Java Web Applications. This lab focuses on adding new users to an existing Tomcat environment. The server provided is Red Hat Enterprise 8, and has Tomcat 9 preinstalled for you (available on port **8080**). You will log into the server and add a user that uses digest authentication to validate that the password is correct. You will need to edit the `server.xml` file Once you create the SHA-512 key, you will need to change the `tomcat-users.xml` file to make use of it. Then you will need to confirm that everything works by logging into the server as that user.

Try for free Contact sales
Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Intermediate
Duration
Clock icon 30m
Published
Clock icon May 08, 2020

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Test to Ensure You Can Access the Preconfigured Tomcat Instance, Using the Server's Public IP Address and Port 8080

    It may take from 3 to 10 minutes after the hands-on lab has started before you can access the Tomcat server on Port 8080.

    To access the server, visit the external IP address and test in a web browser on port 8080.

    For example, if the IP address shown was 3.92.152.3 then you would put the following URL into your web browser:
    http://3.92.152.3:8080.

  2. Challenge

    Log into the Server Console to Perform the Required Tasks

    Ensure you can log into the provided server.

  3. Challenge

    Change the Tomcat Server so It Uses Digest Authentication

    Change to the /usr/local/tomcat9 folder and edit the conf/server.xml:

    Find the following lines:

     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>
 </Realm>

    Replace them with the this:

     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase">
                <CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" algorithm="sha-512" />
            </Realm>
 </Realm>

    Save the file and exit.

  4. Challenge

    You Will Need to Create the SHA-512 Key with the Password of Your Choice

    From the tomcat folder, run the bin/digest command with appropriate options:

    • If the password is PenguinTemp61 then the following command would generate the hash: 
      ./bin/digest.sh -a sha-512 -h org.apache.catalina.realm.MessageDigestCredentialHandler PenGuinTemp88

    Copy the generated hash to the clipboard. It will be used later.

    NOTE: Your password will be echoed back to you as part of the returned response. Don't copy the password or the :, just the long string of numbers.

  5. Challenge

    You Will Need to Change the tomcat-users.xml File to Make Use of the Password Hash You Generated

    Edit the conf/tomcat-users.xml file and replace the plain text password with the hash you copied earlier.

    Be careful to only replace the old password that's inside the quotes (""). Leave the rest of the entry as is. If you have problems logging into the GUI after the change then check to make sure the formatting of that line of user information is correct.

    Since changes were made to the server.xml you will need to restart the Tomcat server:

    sudo systemctl restart tomcat

  6. Challenge

    Test That the New User Works by Using It to Log into the Server

    Go to the Tomcat server in your web browser by going to the public IP address of the server and appending :8080 to it.

    Then go to the Manager App in the GUI. You should get a username and password prompt. Enter the username and password.

    You should be able to log in.

    If you are unable to log in. Troubleshoot the changes that were made.

A Cloud Guru - Labs - Adding a User to Tomcat
Author
A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans