Tomcat 9访问 Host Manager

第一步:下载tomcat。

由于机器环境是win7 旗舰版 64位,所以选择下载64-bit windows .zip。


Tomcat 9.0是绿色版,解压完成就可以使用。在tomcat主目录下的bin目录中,双击startup.bat文件就能够启动tomcat服务。然后在浏览器的地址栏中输入: localhost:8080,回车。成功访问tomcat。效果如下:


能够清楚的看到,有三个可以访问的链接。点击时需要用户名和密码。现在无法访问。

  • Server Status
  • Manager App
  • Host Manager


第二步:配置tomcat-users.xml 文件

在主目录的cong文件夹下找到tomcat-users.xml 文件中配置用户角色:

针对第三个按钮“Host Manager”,配置角色时一定把角色配全。修改tomcat-users.xml 文件,加入如下代码:

<role rolename="admin-gui"/>
<role rolename="manager-gui"/>  
<user username="tomcat" password="s3cret" roles="admin-gui,manager-gui"/>
配置tomcat-users.xml文件后,重新启动tomcat服务。 在浏览器的地址栏中输入:  localhost:8080,回车。成功访问tomcat,点击要访问的 “Host Manager”在弹出的“身份验证”框中输入用户名:tomcat,密码:s3cret,点击登录按钮。效果如下:

然后就可以顺利访问“Host  Manager”了。

以下内容可以忽略。

--------------------------------------------------------------------------------------------------

  • Server Status
  • Manager App
  • Host Manager

  • 前两个按钮和manager相关,具体角色名为
    • manager-gui - allows access to the HTML GUI and the status pages
    • manager-script - allows access to the text interface and the status pages
    • manager-jmx - allows access to the JMX proxy and the status pages
    • manager-status - allows access to the status pages only
  • 第三个按钮和admin相关,具体角色名为
    •     admin-gui - allows access to the HTML GUI and the status pages
    •     admin-script - allows access to the text interface and the status pages

所以在 tomcat-users.xml 如果不注重安全性,只是测试用的话,对应部分可以简单地写成下面这个样子:

---------------------------------

  <role rolename="admin"/>
  <role rolename="manager-script"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>

  <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>

---------------------------------


很多网页没说到第三个按钮针对的角色。不添加admin-gui和admin-script的话,第三个按钮就会出现访问被拒绝的问题(access denied ....)。

详细说明可以参考 Tomcat 的文档(http://tomcat.apache.org/migration.html#Manager_application):

Manager application

The Manager application has been re-structured for Tomcat 7 onwards and some URLs have changed. All URLs used to access the Manager application should now start with one of the following options:

  • <ContextPath>/html for the HTML GUI
  • <ContextPath>/text for the text interface
  • <ContextPath>/jmxproxy for the JMX proxy
  • <ContextPath>/status for the status pages

Note that the URL for the text interface has changed from "<ContextPath>" to "<ContextPath>/text".

The roles required to use the Manager application were changed from the singlemanager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

  • manager-gui - allows access to the HTML GUI and the status pages
  • manager-script - allows access to the text interface and the status pages
  • manager-jmx - allows access to the JMX proxy and the status pages
  • manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

  • users with the manager-gui role should not be granted either the manager-script ormanager-jmx roles.
  • if the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

The roles command has been removed from the Manager application since it did not work with the default configuration and most Realms do not support providing a list of roles.

 
Host Manager application

The Host Manager application has been re-structured for Tomcat 7 onwards and some URLs have changed. All URLs used to access the Host Manager application should now start with one of the following options:

  • <ContextPath>/html for the HTML GUI
  • <ContextPath>/text for the text interface

Note that the URL for the text interface has changed from "<ContextPath>" to "<ContextPath>/text".

The roles required to use the Host Manager application were changed from the singleadmin role to the following two roles. You will need to assign the role(s) required for the functionality you wish to access.

  • admin-gui - allows access to the HTML GUI and the status pages
  • admin-script - allows access to the text interface and the status pages

The HTML interface is protected against CSRF but the text interface is not. To maintain the CSRF protection:

  • users with the admin-gui role should not be granted the admin-script role.
  • if the text interface is accessed through a browser (e.g. for testing since this inteface is intended for tools not humans) then the browser must be closed afterwards to terminate the session.
  • 6
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 1
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值