Tomcat 7 Manager - how to authenticate?

前端 未结 5 1448
北海茫月
北海茫月 2020-12-08 05:13

I am trying to log in tomcat manager app but i cannot successfully create a login user in the tomcat-users.xml. The initial content was this:



        
相关标签:
5条回答
  • 2020-12-08 05:45

    Have you configured your database realm in the server.xml on the conf folder? The default server.xml has the UserDatabase resource already setup so if you have changed that then no matter how you setup the tomcat-user xml, you would not be able to authenticate.

    In the conf/server.xml file... In the GlobalNamingResource tag define a Resource to use MemoryUserDatabaseFactory and within your Engine define a Realm to use UserDatabaseRealm. Just open the original server.xml (I'm using tomcat 7.0.62) and search for these names and you'll see the configurations. Based on your app and needs you may need to make additional changes.

    0 讨论(0)
  • 2020-12-08 05:50

    It seems this is the correct configuration. Care not to separate roles with spaces !

    <?xml version="1.0" encoding="UTF-8"?>
    <tomcat-users>  
      <role rolename="manager-gui"/>
      <role rolename="manager-script"/>
      <role rolename="manager-jmx"/>
      <role rolename="manager-status"/>
      <role rolename="admin-gui"/>
      <role rolename="admin-script"/>
      <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
    </tomcat-users>
    
    0 讨论(0)
  • 2020-12-08 05:55

    You shouldn't combine the manager-gui roles with the manager-script or -jmx roles, because of compromising the Cross Site Scripting protection. The last manager roles can't be protected like the gui role.

    0 讨论(0)
  • 2020-12-08 05:57

    You have add manager role user to access this feature. For this edit tomcat-users.xml file at apache-tomcat-7.0.56-windows-x64\apache-tomcat-7.0.56\conf if u are on windows. Search for <role rolename= > line. This will probrably commented. Add this code :-

    <role rolename="manager-gui"/>
    <user username="your-user-name" password="your-password" roles="manager-gui,manager-script"/>
    
    0 讨论(0)
  • 2020-12-08 05:59

    Accepted answer is wrong in one detail but VERY imporant one - there shouldn't be ANY spaces between roles for admin, as this list should be comma separated (as pointed out here Tomcat 7 Manager can't login). I just had same problem and resolved it same way.

    So, instead of this (as suggested in some answers:

    <user username="admin" password="admin" roles="manager-gui, manager-script, manager-jmx, manager-status, admin-gui, admin-script"/>
    

    it MUST be like this:

      <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
    

    So altogether it should look like this:

    <?xml version="1.0" encoding="UTF-8"?>
    <tomcat-users>
      <role rolename="manager-gui"/>
      <role rolename="manager-script"/>
      <role rolename="manager-jmx"/>
      <role rolename="manager-status"/>
      <role rolename="admin-gui"/>
      <role rolename="admin-script"/>
      <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
    </tomcat-users>
    
    0 讨论(0)
提交回复
热议问题