I have set up tomcat 8 according to this, and I have the following tomcat-users.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<user username="notadmin" password="not_real_pass" roles="manager-gui"/>
<user username="cargo" password="not_real_pass" roles="manager-script"/>
<tomcat-users/>
When I try to access the Manager App, I get rejected with 403 without any prompt for username and password.
What did I miss in the config?
Edit1: Added full xml file.
This may be work.
Find the CATALINA_HOME/webapps/manager/META-INF/context.xml
file and add the comment markers around the Valve.
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
You can find more details at this page.
The solution that worked for me is edit context.xml
files in both $CATALINA_HOME/webapps/manager/META-INF
and $CATALINA_HOME/webapps/host-manager/META-INF
where my ip is 123.123.123.123
.
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|123.123.123.123" />
</Context>
I installed Tomcat 8.5 on Ubuntu and edited $CATALINA_HOME/conf/tomcat-users.xml
:
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="myuser" password="mypass" roles="admin-gui,manager-gui"/>
However, I still couldn't access both Tomcat Web Application Manager (localhost:8080/manager/html
) and Tomcat Virtual Host Manager (localhost:8080/host-manager/html
) until I edited context.xml
files.
Correct answer can be found here
Looks like this issue can be reproduced while folowing mentioned tutorial on unix machines. Also noticed that author uses TC 8.0.33
Win (and OSX) do not have such issue, at least on my env:
Server version: Apache Tomcat/8.5.4
Server built: Jul 6 2016 08:43:30 UTC
Server number: 8.5.4.0
OS Name: Windows 8.1
OS Version: 6.3
Architecture: amd64
Java Home: C:\TOOLS\jdk1.8.0_101\jre
JVM Version: 1.8.0_101-b13
JVM Vendor: Oracle Corporation
CATALINA_BASE: C:\TOOLS\tomcat\apache-tomcat-8.5.4
CATALINA_HOME: C:\TOOLS\tomcat\apache-tomcat-8.5.4
After tomcat-users.xml
is modified by adding role and user Tomcat Web Application Manager
can be accessed on Tomcat/8.5.4
.
Useful link here: Access Tomcat Manager App from different host
From Tomcat version 8 onward's, manager/html url won't be accessible to anyone except localhost.
In order to access /manager/html url, you need to do below change in context.xml of manager app. 1. Go to /apache-tomcat-8.5.23/webapps/manager/META-INF location, then edit context.xml
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="^.*$" />
......
</Context>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With