On Mon, Sep 1, 2014 at 12:36 PM, Shanti Suresh <sha...@umich.edu> wrote:
> Hi Dan, > > > > On Fri, Aug 29, 2014 at 12:34 PM, Daniel Mikusa <dmik...@pivotal.io> > wrote: > > > > > Can you access the JMXProxy servlet directly? > > > > > > > > > http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html#Using_the_JMX_Proxy_Servlet > > > > > Thanks for the note and the references. On accessing the JMXProxy servlet > directly, I get a "403 Access Denied" as well. > > > > Have you configured access to the manager app? > > > > > > > > > http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html#Configuring_Manager_Application_Access > > > > > I would like localhost to access the JMXProxy servlet without a password. > And hence, I used the RemoteAddrValve in the manager-context within > "manager.xml" to configure access. This setup used to work in 7.0.23 with > just an IP address restriction and no password. So using a RemoteAddrValve will allow you to restrict access by IP address, but the manager application is still configured to require authentication. See this note from the link I sent previously. "It would be quite unsafe to ship Tomcat with default settings that allowed anyone on the Internet to execute the Manager application on your server. Therefore, the Manager application is shipped with the requirement that anyone who attempts to use it must authenticate themselves, using a username and password that have one of manager-** roles associated with them (the role name depends on what functionality is required). Further, there is no username in the default users file ($CATALINA_BASE/conf/tomcat-users.xml) that is assigned to those roles. Therefore, access to the Manager application is completely disabled by default. " Did you do something in your previous setup to disable authentication? I have a perl script that > periodically invokes JSPs within the manager application; these JSPs then > invoke the JMXProxy servlet. So I thought I could get the same thing to > happen in 7.0.52. > How are the JSP's invoking the JMXProxyServlet? Are they sending an HTTP request? Dan > > I know I am missing something. > > Thanks, > > -Shanti >
