Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Cloud
Google Cloud Platform icon
Labs

Adding a User to Tomcat

Welcome to this hands-on lab for adding users to Tomcat 9 using Red Hat Enterprise 8. Apache's Tomcat is a Java based application platform built around deploying and managing Java Web Applications. This lab focuses on adding new users to an existing Tomcat environment. The server provided is Red Hat Enterprise 8, and has Tomcat 9 preinstalled for you (available on port **8080**). You will log into the server and add a user that uses digest authentication to validate that the password is correct. You will need to edit the `server.xml` file Once you create the SHA-512 key, you will need to change the `tomcat-users.xml` file to make use of it. Then you will need to confirm that everything works by logging into the server as that user.

Google Cloud Platform icon
Lab platform
Lab Info
Level
Intermediate
Last updated
Sep 21, 2025
Duration
30m

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
Table of Contents
  1. Challenge

    Test to Ensure You Can Access the Preconfigured Tomcat Instance, Using the Server's Public IP Address and Port 8080

    It may take from 3 to 10 minutes after the hands-on lab has started before you can access the Tomcat server on Port 8080.

    To access the server, visit the external IP address and test in a web browser on port 8080.

    For example, if the IP address shown was 3.92.152.3 then you would put the following URL into your web browser:
    http://3.92.152.3:8080.

  2. Challenge

    Log into the Server Console to Perform the Required Tasks

    Ensure you can log into the provided server.

  3. Challenge

    Change the Tomcat Server so It Uses Digest Authentication

    Change to the /usr/local/tomcat9 folder and edit the conf/server.xml:

    Find the following lines:

     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                 resourceName="UserDatabase"/>
     </Realm>
    

    Replace them with the this:

     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                 resourceName="UserDatabase">
                    <CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" algorithm="sha-512" />
                </Realm>
     </Realm>
    

    Save the file and exit.

  4. Challenge

    You Will Need to Create the SHA-512 Key with the Password of Your Choice

    From the tomcat folder, run the bin/digest command with appropriate options:

    • If the password is PenguinTemp61 then the following command would generate the hash:
      ./bin/digest.sh -a sha-512 -h org.apache.catalina.realm.MessageDigestCredentialHandler PenGuinTemp88
      

    Copy the generated hash to the clipboard. It will be used later.

    NOTE: Your password will be echoed back to you as part of the returned response. Don't copy the password or the :, just the long string of numbers.

  5. Challenge

    You Will Need to Change the tomcat-users.xml File to Make Use of the Password Hash You Generated

    Edit the conf/tomcat-users.xml file and replace the plain text password with the hash you copied earlier.

    Be careful to only replace the old password that's inside the quotes (""). Leave the rest of the entry as is. If you have problems logging into the GUI after the change then check to make sure the formatting of that line of user information is correct.

    Since changes were made to the server.xml you will need to restart the Tomcat server:

    sudo systemctl restart tomcat
    
  6. Challenge

    Test That the New User Works by Using It to Log into the Server

    Go to the Tomcat server in your web browser by going to the public IP address of the server and appending :8080 to it.

    Then go to the Manager App in the GUI. You should get a username and password prompt. Enter the username and password.

    You should be able to log in.

    If you are unable to log in. Troubleshoot the changes that were made.

About the author

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight