HTTP Status 403 – Access to the requested resource has been denied

Original post, 2012-03-22 10:38:16

URLs accessed:

http://localhost:8080/manager/status

http://localhost:8080/manager/html

Error message:

HTTP Status 403 – Access to the requested resource has been denied


type Status report

message Access to the requested resource has been denied

description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


Apache Tomcat/7.0.21

Solution:

First, change to the directory that contains the manager application:
[root@localhost tomcat]# cd webapps/manager/WEB-INF/
Then view web.xml:
[root@localhost WEB-INF]# more web.xml

  <!-- Define a Security Constraint on this Application -->
  <!-- NOTE:  None of these roles are present in the default users file -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HTML Manager interface (for humans)</web-resource-name>
      <url-pattern>/html/*</url-pattern> <!-- corresponds to http://localhost:8080/manager/html -->
    </web-resource-collection>
    <auth-constraint>
       <role-name>manager-gui</role-name> <!-- the role name required to access this page: manager-gui -->
    </auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Text Manager interface (for scripts)</web-resource-name>
      <url-pattern>/text/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
       <role-name>manager-script</role-name>
    </auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>JMX Proxy interface</web-resource-name>
      <url-pattern>/jmxproxy/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
       <role-name>manager-jmx</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Status interface</web-resource-name>
      <url-pattern>/status/*</url-pattern> <!-- corresponds to http://localhost:8080/manager/status -->
    </web-resource-collection>
    <auth-constraint>
       <role-name>manager-gui</role-name> 
       <role-name>manager-script</role-name>
       <role-name>manager-jmx</role-name>
       <role-name>manager-status</role-name>
    </auth-constraint>
  </security-constraint>

Next, change to the directory that contains the host-manager application:
[root@localhost tomcat]# cd webapps/host-manager/WEB-INF/
Then view web.xml:
[root@localhost WEB-INF]# more web.xml

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HTMLHostManager commands</web-resource-name>
      <url-pattern>/html/*</url-pattern> <!-- corresponds to http://192.168.14.219:8080/host-manager/html -->
    </web-resource-collection>
    <auth-constraint>
       <!-- NOTE:  This role is not present in the default users file -->
       <role-name>admin-gui</role-name> <!-- defines the name of the admin role -->
    </auth-constraint>
  </security-constraint>
  <!-- Security roles referenced by this web application -->
  <security-role>
    <description>
      The role that is required to log in to the Host Manager Application HTML
      interface
    </description>
    <role-name>admin-gui</role-name>
  </security-role>
  <security-role>
    <description>
      The role that is required to log in to the Host Manager Application text
      interface
    </description>
    <role-name>admin-script</role-name>
  </security-role>

 

Edit the Tomcat users configuration file and add the roles:
[root@localhost tomcat]# vi conf/tomcat-users.xml

<tomcat-users>
<!--
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
-->
<!--
  NOTE:  The sample user and role entries below are wrapped in a comment
  and thus are ignored when reading this file. Do not forget to remove
  <!.. ..> that surrounds them.
-->
<!-- the opening comment marker that was here has been removed so that the entries below take effect -->
  <role rolename="tomcat"/>
  <role rolename="role1"/>
<!-- add the roles for access to the management pages -->
  <role rolename="manager-gui"/>
  <role rolename="admin-gui"/>
  <user username="manager" password="manager" roles="manager-gui,admin-gui"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>
<!-- the closing comment marker that was here has been removed as well -->
</tomcat-users>

Restart Tomcat:

[root@localhost tomcat]# ./bin/shutdown.sh
[root@localhost tomcat]# ./bin/startup.sh

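Summary:
The WEB-INF/web.xml of a web application (virtual directory) usually defines the security role names required to access it. Once you know the role name, you can add the corresponding role in conf/tomcat-users.xml and gain access. (Which also makes this a back door that an attacker could exploit...)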
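
The link between web.xml roles and tomcat-users.xml entries described in the summary can be audited mechanically. The Python script below is an added example, not part of the original post: it reports which protected URL patterns each configured user can reach and whether that user's password is weak. The sample files are constructed from the snippets above; the deploy user, the function names and the min_len threshold are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the snippets in this post (not real files).
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint>
    <web-resource-collection><url-pattern>/html/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>manager-gui</role-name></auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection><url-pattern>/text/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>manager-script</role-name></auth-constraint>
  </security-constraint>
</web-app>"""
USERS_XML = """<tomcat-users>
  <user username="manager" password="manager" roles="manager-gui,admin-gui"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="deploy" password="k8#Vq2!xLr9ZpT4w" roles="manager-script"/>
</tomcat-users>"""

def local(tag):  # drop an XML namespace prefix such as {http://...}web-app
    return tag.rsplit("}", 1)[-1]

def protected_patterns(web_xml):
    """Map each role named in an auth-constraint to the url-patterns it unlocks."""
    grants = {}
    for el in ET.fromstring(web_xml).iter():
        if local(el.tag) == "security-constraint":
            sub = [(local(e.tag), (e.text or "").strip()) for e in el.iter()]
            urls = [t for n, t in sub if n == "url-pattern"]
            for role in (t for n, t in sub if n == "role-name"):
                grants.setdefault(role, []).extend(urls)
    return grants

def audit(web_xml, users_xml, min_len=12):
    """Return (user, reachable patterns, weak?) for every user holding a gating role.
    Commented-out <user> entries are skipped, as Tomcat itself ignores them."""
    grants, findings = protected_patterns(web_xml), []
    for u in (e for e in ET.fromstring(users_xml).iter() if local(e.tag) == "user"):
        name, pw = u.get("username", ""), u.get("password", "")
        roles = [r.strip() for r in u.get("roles", "").split(",")]
        urls = sorted({p for r in roles for p in grants.get(r, [])})
        if urls:
            # Heuristic (assumption): weak if equal to the username or too short.
            weak = pw.lower() == name.lower() or len(pw) < min_len
            findings.append((name, urls, weak))
    return findings

if __name__ == "__main__":
    for name, urls, weak in audit(WEB_XML, USERS_XML):
        print(name, urls, "WEAK PASSWORD" if weak else "ok")
```

To audit a real installation, pass the contents of webapps/manager/WEB-INF/web.xml and conf/tomcat-users.xml to audit() instead of the constructed samples.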


Copyright notice: this is an original article by the blog author and may not be reproduced without the author's permission.
