This section examines two of the Tomcat Configuration Files (found in the ${tomcat_home}/conf directory) and how to modify them for use with the TDS.
 Note: 
This section assumes you have successfully installed the JDK and Tomcat Servlet Container as outlined in the Installation of Java and Tomcat section.
${tomcat_home}/conf/server.xml
- XML file (well-formed syntax is important).
- Tomcat’s main configuration file.
- Changes to server.xmldo not take effect until Tomcat is restarted.
- Where we make changes to enhance TDS security.
Important elements in server.xml
Examine the elements in server.xml.
Move into the ${tomcat_home}/conf directory and examine the server.xml file (${tomcat_home} is /usr/local in this example):
# cd /usr/local/tomcat/conf
# less server.xml
| Tag Name | Instances | How it relates to the TDS | 
|---|---|---|
| <Server> | 1…1 | Not modified unless you want to change the port number Tomcat listens for a SHUTDOWNcommand. (Enabled by default.) | 
| <GlobalNamingResources> | 0…* | Needed to contain the UserDatabasethat corresponds to theUserDatabaseRealmused to authenticate users. (Enabled by default.) | 
| <Resource> | 0…* | Editable user database ( tomcat-users.xml) used byUserDatabaseRealmto authenticate users. (UserDatabaseRealmResource enabled by default.) | 
| <Service> | 1…* | Not modified unless youwish to establish more than one service. (Catalina Service enabled by default.) | 
| <Connector> | 1…* | Used to establish HTTP and SSL connections. Also will communicate with an web server for proxying requests. (HTTP connector enabled by default on port 8080.) | 
| <Engine> | 1…1 | Not modified unless you specify a Host other than localhost. (Enabled by default.) | 
| <Realm> | 0…* | The UserDatabaseRealmuses theUserDatabaseconfigured in the global JNDI Resource. (UserDatabaseRealmenabled by default.) | 
| <Valve> | 0…* | The RemoteAddrValveis used to filter access to the TDS based on IP address. (NOT enabled by default. You will need to add this if you want to use IP Filtering.) | 
| <Host> | 1…* | Not modified unless you specify a Hostother thanlocalhost. (localhostenabled by default.) | 
| <Valve> | 0…* | We modify the AccessLogValveto customize the access logs generated by Tomcat. (NOT enabled by default. You will need to add this if you want to enable access logging. ) | 
${tomcat_home}/conf/tomcat-users.xml
- XML file (well-formed syntax is important).
- Stores user names, passwords and roles.
- Changes to tomcat-users.xmldo not take effect until Tomcat is restarted.
- What the TDS uses for user authentication and access control.
Important elements in tomcat-users.xml
Examine the elements in tomcat-users.xml:
# pwd
/usr/local/tomcat/conf
# less tomcat-users.xml
Reference the table below to see how the tomcat-users.xml elements relate to configuring TDS (mouse-over the element for a description):
| Tag Name | Instances | How it relates to the TDS | 
|---|---|---|
| <tomcat-users> | 1…1 | Not modified. (The only tag you get by default.) | 
| <role> | 1…* | You will have at least two of these: one for the Tomcat manager application and one for the TDS. (You will need to add if you want to enable role-based authentication.) | 
| <user> | 1…* | You will need to create an entry for each user who needs access to the Tomcat manager application and/or the restricted areas of the TDS. (You will need to add if you want to enable user authentication.) | 
Next Step
Next, we’ll see how to obtain and deploy the TDS in the Tomcat Servlet Container.