Tomcat’s user database realm uses the tomcat-users.xml file by default and reads the entire file into memory. Once the realm has loaded the file into memory, no modification to the tomcat-users.xml file will be reflected until the next server restart. Here’s tomcat-users.xml:
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="tomcat"/> <role rolename="role1"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="both" password="tomcat" roles="tomcat,role1"/> <user username="role1" password="tomcat" roles="role1"/> </tomcat-users>
Each role that a user can play is defined with a <role> element, and each user has a <user> entry. Note how a user can have more than one role by adding a comma-separated list to the roles attribute.