Yep, I'm able to visit the application list, but not upload or start an
application.
I'll take a look at this CSRF Protection hint.
I'm using the default BASIC Auth provided by Tomcat to authenticate myself
on the manager.
2014-02-07 Konstantin Kolinko <knst.koli...@gmail.com>:
> 2014-02-07 Gaël THEROND <gael.ther...@gmail.com>:
> > Hello everyone,
> >
> > I'm facing a really strange issue since about two or three days now.
> >
> > I've got a Tomcat Server, which contain a virtualhost like this:
> >
> (....)
> >
> > If I start my tomcat instance, everything is fine, tomcat is launching
> > correctly without error, and correctly create the virtual host under the
> > ${catalina_base}/conf/Catalina/
> >
> > I can see on the catalina.out log file that tomcat even create the
> > manager.xml to be able to have an isolated manager for this host.
> >
> > the manager.xml file is correct.
> >
> > However, if I try to upload a WAR I'm facing a 403 error coming from
> tomcat.
> > Where I didn't get it, it's that on my main manager everything is fine, I
> > can log in and load a WAR correctly.
> >
>
> So, you are able to visit the "applications list" page in Manager, but
> upload of a WAR file results in 403?
>
> The page 403 in manager can be result of CSRF protection,
> For example, if your session has expired. The session is needed,
> because CsrfPreventionFilter stores protection token in the session.
>
> I wonder whether SingleSignOn affects this.
> What authentication schema are you using? The manager app uses BASIC by
> default.
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
