tomcat9.0 web控制界面用户开启方法

403 Access Denied

1.需要配置:

(1)Tomcat/conf/tomcat-users.xml加入:

 <role rolename="manager"/>     
  <role rolename="admin"/> 
  <role rolename="admin-gui"/>
  <role rolename="manager-gui"/>
  <user username="xxx" password="***" roles="admin-gui,manager-gui"/>

以上配置好后本地可以访问,http://127.0.0.1:8080/manager/html

(2)或者编辑 Tomcat/conf/tomcat-users.xml

新增

<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>

2、修改IP验证,Tomcat9默认只允许本地管理,如果需要远程管理,需要将对应的IP加上去,或者如下方红色区域,正则匹配。

修改Tomcat/webapps/manager/META-INF/context.xml

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
  <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilt
er\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>

</Context>

修改后:

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|\d+\.\d+\.\d+\.\d+" />
  <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilt
er\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
</Context>

 

展开阅读全文

没有更多推荐了,返回首页