Over a million developers have joined DZone.

An In-Depth Look at Tomcat's tomcat-users.xml File and Manager

DZone's Guide to

An In-Depth Look at Tomcat's tomcat-users.xml File and Manager

In today's post, we take a look at tomcat-users.xml and Tomcat's file manager, and how they can aid in the development of web apps.

· Web Dev Zone ·
Free Resource

Access over 20 APIs and mobile SDKs, up to 250k transactions free with no credit card required


In my previous article, I tried to explain Tomcat's server.xml file with different tags.

Today I am going to explain the tomcat-users.xml file for Tomcat.

I faced a situation where I had to shut down Tomcat and restart it in order to deploy a new web application. Then I learned that for deploying a new web application I don't need to stop and restart the container, as Tomcat will automatically take care of it and it will start the new web application. So I was good at this stage. Then again, I was doing the same process for un-deploying an existing application or for replacing that web application, as I was unaware of the information which I am sharing today.

So, in many of the development environments, we may need to deploy and un-deploy a web application for testing and when there are multiple web applications, as nowadays microservice-based architecture is trendy, it is necessary to save the development and testing time, which will be used to achieve zero downtime in the production environment.

We observed that when we are downloading Tomcat, it gives a manager as a folder under web apps. That folder's for us.

I will tell you how to configure that. First, let's see the capabilities provided by the manager.

  • Capabilities:
    1. Deploy a new web application.
    2. List the currently deployed web applications.
    3. Reload an existing web application (this is very useful when we changed in classes or lib under WEB-INF).
    4. List the OS and JVM property values.
    5. Start a stopped application (we'll use this to make that web app available without restarting Tomcat).
    6. Stop an existing application.
    7. You can list the web applications which appear to have triggered a memory leak on stop, reload, or undeploy.
    8. Undeploy a deployed web application and delete its data.
  • Configuration:
    • We will set the URL which allows us to chang all these things from the manager. For that, we have to create one xml file under $CATALINA_BASE/conf/Catalina/localhost named, manager.xml
    <Context privileged="true" antiResourceLocking="false"
      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
             allow="127\.0\.0\.1" />
    • So here you can see that you have to enter the IP which you are going to manage under the allow tag. This will change the default value of access manager from localhost to
    • Tomcat believes that it would be quite unsafe to keep Tomcat operating with its default settings, which allow anyone to execute the manager application on the server. That is the reason why we have to authenticate ourselves by providing a username and password to access the manager application. Also, by default (when we download tomcat), access to the manager application is completely disabled, as there is no username in the tomcat-users.xml file.
    • Now here, we will discuss the manager-gui role of the manager. There are more roles, you can see the web.xml file located under a $CATALINE_BASE directory.
  • Manager-GUI Role:
    • This role will grant the HTML interface of the manager application.
    • We have to set the combination of username and password under the tomcat-users.xml file for this role to access the manager application via the HTML interface.
    <user username="admin" password="password" roles="standard,manager-gui,admin-gui"/>
    • Use this snippet to add a user with the role mentioned above.
    • Now, in my case, the URL which I have to open is, which will open a page like below. tomcat-manager
    • Here, you can see the user interface and I think it is a really easy to follow guide. So, I am not explaining it. But let me highlight the major items:
      • From the Application tag, you can start, stop, reload, and un-deploy your web application without affecting other web applications.
      • From the Deploy tag, you can deploy the new war files. Which will automatically run the new web app.

Comments are most welcome.

Happy Coding!

#1 for location developers in quality, price and choice, switch to HERE.

apache tomcat ,web dev ,xml file ,tomcat 8

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}