发表新帖
发表新帖

Access Tomcat Manager App from different host

前端 未结
关注
4 1890
一个人的身影
一个人的身影 2020-11-30 17:18

I have installed tomcat 9 on a remote sever and after starting it, it was brought up fine, I can access http://host_name:port_num and see tomcat hello page. But when I try t

相关标签:
4条回答
  • 走了就别回头了
    2020-11-30 17:52

    For Tomcat v8.5.4 and above, the file <tomcat>/webapps/manager/META-INF/context.xml has been adjusted:

    <Context antiResourceLocking="false" privileged="true" >
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
</Context>

    Change this file to comment the Valve:

    <Context antiResourceLocking="false" privileged="true" >
    <!--
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
    -->
</Context>

    After that, refresh your browser (not need to restart Tomcat), you can see the manager page.

    0 讨论(0)
  • 有刺的猬
    2020-11-30 17:59 
    Following two configuration is working for me.

1 .tomcat-users.xml details
--------------------------------
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>
  <role rolename="tomcat"/>


  <user  username="tomcat"  password="tomcat" roles="tomcat"/>

  <user  username="admin"  password="admin" roles="admin-gui"/>

  <user  username="adminscript"  password="adminscrip" roles="admin-script"/>

  <user  username="tomcat"  password="s3cret" roles="manager-gui"/>
  <user  username="status"  password="status" roles="manager-status"/>

  <user  username="both"    password="both"   roles="manager-gui,manager-status"/>

  <user  username="script"  password="script" roles="manager-script"/>
  <user  username="jmx"     password="jmx"    roles="manager-jmx"/>

2. context.xml  of <tomcat>/webapps/manager/META-INF/context.xml and 
<tomcat>/webapps/host-manager/META-INF/context.xml
------------------------------------------------------------------------
<Context antiResourceLocking="false" privileged="true" >

  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow=".*" />
  <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
    0 讨论(0)
  • 独厮守ぢ
    2020-11-30 18:11

    Each deployed webapp has a context.xml file that lives in 

    $CATALINA_BASE/conf/[enginename]/[hostname]

(conf/Catalina/localhost by default)

    and has the same name as the webapp (manager.xml in this case). If no file is present, default values are used.

    So, you need to create a file conf/Catalina/localhost/manager.xml and specify the rule you want to allow remote access. For example, the following content of manager.xml will allow access from all machines:

    <Context privileged="true" antiResourceLocking="false" 
         docBase="${catalina.home}/webapps/manager">
    <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="^.*$" />
</Context>

    Note that the allow attribute of the Valve element is a regular expression that matches the IP address of the connecting host. Other Valve classes cater for other rules (e.g. RemoteHostValve for matching host names).

    Once the changes above have been made, you should be presented with an authentication dialog when accessing the manager URL. If you enter the details you have supplied in tomcat-users.xml you should have access to the Manager.

    0 讨论(0)
  • 甜味超标
    2020-11-30 18:11

    To access the tomcat manager from different machine you have to follow bellow steps:

    1. Update conf/tomcat-users.xml file with user and some roles:

    <role rolename="manager-gui"/>
 <role rolename="manager-script"/>
 <role rolename="manager-jmx"/>
 <role rolename="manager-status"/>
 <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status"/>

    Here admin user is assigning roles="manager-gui,manager-script,manager-jmx,manager-status".

    Here tomcat user and password is : admin

    2. Update webapps/manager/META-INF/context.xml file (Allowing IP address):

    Default configuration:

    <Context antiResourceLocking="false" privileged="true" >
  
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
  
  <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
</Context>

    Here in Valve it is allowing only local machine IP start with 127.\d+.\d+.\d+ .

    2.a : Allow specefic IP:

    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|YOUR.IP.ADDRESS.HERE" />

    Here you just replace |YOUR.IP.ADDRESS.HERE with your IP address

    2.b : Allow all IP:

    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow=".*" />

    Here using allow=".*" you are allowing all IP.

    Thanks :)

    0 讨论(0)
 看不清?
提交回复
热议问题