81,092
社区成员
发帖
与我相关
我的任务
分享tomcat管理员manager app进不去
ie浏览器输入http://localhost:8080/进入tomcat页面后,点击manager app输入用户名(admin)密码(admin)后页面跳转出现如下错误:
备注:tomcat7.0.39版本,已配置好tomcat\conf\tomcat-users.xml文件下admin用户和密码
403 Access Denied
You are not authorized to view this page.
If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.
If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.
For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.
<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>
Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.
•manager-gui - allows access to the HTML GUI and the status pages
•manager-script - allows access to the text interface and the status pages
•manager-jmx - allows access to the JMX proxy and the status pages
•manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:
•Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
•If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.
For more information - please see the Manager App HOW-TO.
备注:tomcat7.0.39版本,已配置好tomcat\conf\tomcat-users.xml文件下admin用户和密码
403 Access Denied
You are not authorized to view this page.
If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.
If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.
For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.
<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>
Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.
•manager-gui - allows access to the HTML GUI and the status pages
•manager-script - allows access to the text interface and the status pages
•manager-jmx - allows access to the JMX proxy and the status pages
•manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:
•Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
•If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.
For more information - please see the Manager App HOW-TO.
...全文
请发表友善的回复…
发表回复
Wsmtht 2016-04-17
- 打赏
- 举报
<role rolename="manager"/>。。。。。是tomcat6配置,另一个是tomcat7配置
baidu_34131305 2016-03-01
- 打赏
- 举报
在修改”tomcat-users.xml“的过程中一定要将Tomcat关闭,设置好后再打开Tomcat
木子007 2014-05-15
- 打赏
- 举报
我也没进去WEIWEI_115115 2014-05-07
- 打赏
- 举报
我这样配置了还是进不去,怎么办呢
lt3 2013-07-28
- 打赏
- 举报
不用去不配置, 只需一句就够了。
manager-gui - Allows access to the html interface
gui——图形用户界面
程序大视界 2013-07-28
- 打赏
- 举报
可以了,真心感谢!我想问按照你给的配置
<role rolename="manager"/> 和<role rolename="manager-gui"/>
有什么区别啊,<role rolename="admin"/>跟<role rolename="admin-gui"/>呢?
一定要全配置上吗?
街头小贩 2013-07-28
- 打赏
- 举报
tomcat\conf\tomcat-users.xml
<role rolename="manager"/>
<role rolename="manager-gui"/>
<role rolename="admin"/>
<role rolename="admin-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<user username="Tomcat" password="Tomcat" roles="admin-gui,admin,manager-gui,manager,manager-script,manager-jmx,manager-status"/>
