Accessing TDS Monitoring and Debugging Tools

TDS Administrator's Guide Accessing TDS Monitoring and Debugging Tools

Accessing TDS Monitoring and Debugging Tools

Other than the compelling security reasons, you will want to enable TLS to take advantage of the TDS Remote Management Tool and the TdsMonitor Tool monitoring and debugging tools.

Enable TLS in Tomcat If Tomcat has not already been configured to run via TLS, follow the tutorial in the previous section to Enable TLS in Tomcat.

Modify ${tomcat_home}/conf/tomcat-users.xml to add the new tdsConfig and tdsMonitor roles. Add these roles to your list of roles:

<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
<!--
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary. It is
  strongly recommended that you do NOT use one of the users in the commented out
  section below since they are intended for use with the examples web
  application.
-->
<!--
  NOTE:  The sample user and role entries below are intended for use with the
  examples web application. They are wrapped in a comment and thus are ignored
  when reading this file. If you wish to configure these users for use with the
  examples web application, do not forget to remove the <!.. ..> that surrounds
  them. You will also need to set the passwords to something appropriate.
-->
  <role rolename="manager-gui"/>
  <role rolename="tdsConfig"/>
  <role rolename="tdsMonitor"/>
  <user username="admin" 
        password="bb7a2b6cf8da7122125c663fc1585808170b2027677195e0ad121f87b27320ae$1$55003acb56e907b19d29d3b4211dc98c837354690bc90579742d6747efeec4ea" 
        roles="manager-gui, tdsConfig, tdsMonitor"/>
</tomcat-users>

Important: Keep in mind: Changes to ${tomcat_home}/conf/tomcat-users.xml do not take effect until Tomcat is restarted.

Restart Tomcat and access the TDS Remote Management Tool in your browser (authenticate with the login/password specified in ${tomcat_home}/conf/tomcat-users.xml).

Resources

Qualys SSL Server Test is a free online service that analyzes the configuration of any public TLS web server. Note: be sure to check the Do not show the results on the boards box if you do not want your results to be public.
TLS/SSL Configuration HOW-TO The Apache Tomcat document detailing how to enable TLS.
Tomcat Migration Guide A document detailing the various changes between Tomcat versions.

Note: For more information on how TLS works, Wikipedia details the steps involved during an TLS transaction.