tomcat管理授权:tomcat-users.xml

最新推荐文章于 2022-12-29 09:59:01 发布
最新推荐文章于 2022-12-29 09:59:01 发布
阅读量174 收藏
点赞数
文章标签: java
原文链接:http://www.cnblogs.com/ioveNature/p/8034622.html
版权

ou are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

  • manager-gui - allows access to the HTML GUI and the status pages
  • manager-script - allows access to the text interface and the status pages
  • manager-jmx - allows access to the JMX proxy and the status pages
  • manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

  • Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
  • If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.
    For more information - please see the Manager App HOW-TO.

转载于:https://www.cnblogs.com/ioveNature/p/8034622.html

aihuo4431
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
tomcat 登录用户名 与 密码设置
leo115的专栏
11-17 1万+
401 Unauthorized You are not authorized to view this page. If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain
apache-tomcat-8.5.100.tar.gz
最新发布
05-29
- 默认情况下,Tomcat管理功能(如Manager和HostManager)是禁用的,需要在conf/tomcat-users.xml中添加用户和角色来启用。 - 应定期更新到最新版本,以获得最新的安全补丁。 4. 性能优化: - 调整JVM参数,如...
解决登录不上网页得tomcat授权manager-gui角色的操作如下)
weixin_30467087的博客
11-01 136
1:编辑/usr/local/tomcat/conf/tomcat-users.xml文件,在没有注释的内容中添加: <role rolename="manager-gui" /> <user username="tomcat" password="tomcat" roles="manager-gui" /> 2:停止Tomcat应用,在启动Tomcat应...
安装tomacat之后出现需要授权窗口
weixin_30595035的博客
06-17 224
安装tomacat之后登录网页,出现需要授权窗口,输入正确密码后依然会循环弹出该窗口。 原因: 因为tomcat的端口与oracle的端口重复了。 解决: 进入任务管理器,然后将oracle运行的程序都关闭(结束运行),再次重启tomcat,再次输入就好了。 转载于:https://www.cnblogs.com/1693977889zz/p/11041576.html...
安装tomacat之后出现要授权且循环的状态下
weixin_43190126的博客
12-18 163
安装tomacat之后登录网页出现要授权且循环的状态下 是因为tomcat的端口与oracle的端口重复了,这是只需要进入任务管理器,然后将oracle运行的程序都关闭(结束运行),再次重启tomcat,再次输入就好了 ...
Tomcat tomcat-users.xml帮你登录Server Status
小楼一夜听春雨,深巷明朝卖杏花
07-02 661
启动tomcat后,访问127.0.0.1会进入如下页面 点击红框部分的Server Status、Manager App、Host Manager按钮会弹出一个输入用户名和密码的弹窗 点击取消之后会进入一个提示401的页面,这个页面表示未授权,必须授权之后才能访问 那这里的用户名和密码去哪里获取呢? 如果之前没有配置过这里的用户和密码,就需要我们去配置;如果之前已经配置过,就需要我们去查看。 [root@localhost ~]# cd /usr/local/to...
apache-tomcat-9.0.54-deployer.tar.gz
10-15
- 为了确保安全性,应配置`tomcat-users.xml`文件,添加用户和角色,启用基于角色的访问控制(RBAC)。 - 使用SSL/TLS进行加密通信,配置`server.xml`中的`<Connector>`元素以启用HTTPS。 - 定期更新Tomcat以修复...
apache-tomcat-8.5.97-windows-x.zip
12-16
- 通过修改conf/tomcat-users.xml文件添加用户和角色,实现基于角色的访问控制。 - 使用SSL/TLS加密传输,通过修改server.xml中的Connector配置。 8. **监控和管理工具**: - Tomcat提供了一个管理Web应用,例如...
tomcat-users.xml
03-12
Tomcat Manager是Tomcat自带的、用于对Tomcat自身以及部署在Tomcat...Manager需要以用户角色进行登录并授权才能使用相应的功能,不过Tomcat并没有配置 任何用户,因此我们需要先进行用户配置后才能使用Tomcat Manager
tomcat user
ksgimi
10-26 145
You are not authorized to view this page. If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials t...
tomcat用户权限配置
zpllwy的专栏
10-16 1051
401 Unauthorized You are not authorized to view this page. If you have not changed any configuration files, please examine the fileconf/tomcat-users.xml in your installation. That file must c
Tomcat访问管理页面localhost出现:403 Access Denied
zhaofuqiangmycomm的博客
09-21 817
403 Access Denied You are not authorized to view this page. If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site r
tomcat,要管理app,提示403处理方法(两步)
irizhao的专栏
12-29 1510
打开/webapps/manager/META-INF/目录下context.xml文件,不是conf/目录下的context.xml文件,一定不要搞错了!然后重启tomcat,重新访问manager app页面,如果此时仍然出现403 Access Denied错误,那么就是访问的ip限制,重启tomcat,重新访问manager app页面。分两步解决:添加管理账户、添加管理IP。
Tomcat8.5 不能进入Manager App
08-17 2221
有时候需要进入Tomcat管理界面(比如Jenkins用Tomcat热部署的时候),但点击如下图中的Manager App 出现错误 错误提示: You are not authorized to view this page. By default the Host Manager is only accessible from a browser running on the
启动Tomcat 7.0.53时报错 401 Unauthorized
JFchenquan的专栏
06-19 2392
错误信息部分如下:401 Unauthorized You are not authorized to view this page. If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file...
Tomcat热部署
ys.hubery
09-17 211
1.配置访问Tomcat Manager的用户及相关权限 linux下安装tomcat(本文为tomcat8.5),安装后启动tomcat,访问http://192.168.28.132:8080查看是否安装启动成功 接下来我们访问:http://192.168.28.132:8080/manager/html,这个时候由于我们并未使用含有相关权限的用户登陆,系统会禁止用户访问该地址 ...
TOMCAT 9.0 配置问题 403 Access Denied
【设计改变世界】github地址:https://github.com/guochunyang2004
07-04 573
tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/tomcat-users.xml加入: &lt;role rolename="manager"/&gt; &lt;role rolename="admin"/&gt; &...
tomcat manager 无法使用
不再疯要傻
12-19 9754
在点击tomcat manager的时候提示以下内容: You are not authorized to view this page. By default the Host Manager is only accessible from a browser running on the same machine as Tomcat. If you wish to modify th
登录tomcat 时出现错误:tomcat You are not authorized to view this page
tzhongwen的专栏
07-14 7651
tomcat设置密码登录后tomcat You are not authorized to view this page的错误。    解决方法:修改tomcat-users.xml文件,主要是加上,也就是配置个权限。
Memory database file E:\apache-maven-3.6.3\brand-demo\brand-demo\target\tomcat\conf\tomcat-users.xml cannot be read
08-10
回答: 根据您提供的引用内容,出现"Memory database file E:\apache-maven-3.6.3\brand-demo\brand-demo\target\tomcat\conf\tomcat-users.xml cannot be read"错误的原因是无法读取位于E:\apache-maven-3.6.3\brand...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值