On Mon, 23 May 2016 15:25:54 +0200 André Warnier (tomcat) <a...@ice-sa.com> wrote:
> On 23.05.2016 15:08, Bjørn T Johansen wrote: > > On Mon, 23 May 2016 14:54:14 +0200 > > André Warnier (tomcat) <a...@ice-sa.com> wrote: > > > >> On 23.05.2016 14:48, Bjørn T Johansen wrote: > >>> On Mon, 23 May 2016 14:39:25 +0200 > >>> André Warnier (tomcat) <a...@ice-sa.com> wrote: > >>> > >>>> On 23.05.2016 14:25, Bjørn T Johansen wrote: > >>>>> On Fri, 20 May 2016 13:49:35 +0200 > >>>>> André Warnier (tomcat) <a...@ice-sa.com> wrote: > >>>>> > >>>>>> On 20.05.2016 12:54, Bjørn T Johansen wrote: > >>>>>>> When I access the status page everything works fine but when I try to > >>>>>>> access the manager page, I get the following error: > >>>>>>> > >>>>>>> This site can’t be reached > >>>>>>> > >>>>>>> The connection was reset. > >>>>>>> Try: > >>>>>>> Reloading the page > >>>>>>> Checking the connection > >>>>>>> Checking the proxy and the firewall > >>>>>>> ERR_CONNECTION_RESET > >>>>>>> > >>>>>>> > >>>>>>> I can not find any reasons for this in the default config, what am I > >>>>>>> missing? > >>>>>>> > >>>>>> > >>>>>> And in the Tomcat logfiles ? > >>>>>> > >>>>>> > >>>>> Nothing, except for this in the access log: > >>>>> > >>>>> [23/May/2016:14:23:22 +0200] "GET /manager HTTP/1.1" 302 - > >>>>> [23/May/2016:14:23:22 +0200] "GET /manager/ HTTP/1.1" 302 - > >>>>> [23/May/2016:14:23:22 +0200] "GET /manager/html HTTP/1.1" 401 2473 > >>>>> > >>>>> > >>>>> What's strange is that if I try from the same subnet as the Tomcat is > >>>>> installed in, then it works. But not from another subnet... > >>>>> > >>>> > >>>> I don't remember if you ever posted the Tomcat version which you are > >>>> using. > >>>> In case it is 8.0.x, have a look here : > >>>> http://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Configuring_Manager_Application_Access > >>>> (The paragraph starting with : "In addition to the password > >>>> restrictions,..") > >>>> Check with the on-line docs relevant to your version, if there isn't > >>>> something like that > >>>> configured on your system. > >>>> > >>> > >>> Yes, we are using version 8.0.x > >>> And last week I just downloaded the new version 8.0.35 and added my user > >>> in the tomcat-users.xml file and tried on an empty tomcat server and I got > >>> the same result... > >>> > >> > >> And did you really check what I asked you to check above ? > >> A 401 response (as shown by the above log) means "forbidden". > >> If you say that from some place you can access it, and from others not, > >> then there is > >> somewhere something that makes a difference based on your client's IP > >> address. > >> > >> > > Yes, I read the same page last week. I even tried to add a file > > where ? > > containing: > > > > <Context privileged="true"> > > <Valve className="org.apache.catalina.valves.RemoteAddrValve" > > allow="127\.0\.0\.1"/> > > </Context> > > > > with my ip address without any change... > > > > And yes, I know the logic behind the error message but I can not find any > > logic to why it's happening.. Also if /status works, why wouldn't /manager ? > > > > And sorry, I was wrong above. A 401 response means really this : > > quote > 10.4.2 401 Unauthorized > > The request requires user authentication. The response MUST include a > WWW-Authenticate > header field (section 14.47) containing a challenge applicable to the > requested resource. > The client MAY repeat the request with a suitable Authorization header field > (section > 14.8). If the request already included Authorization credentials, then the > 401 response > indicates that authorization has been refused for those credentials. If the > 401 response > contains the same challenge as the prior response, and the user agent has > already > attempted authentication at least once, then the user SHOULD be presented the > entity that > was given in the response, since that entity might include relevant > diagnostic > information. HTTP access authentication is explained in "HTTP Authentication: > Basic and > Digest Access Authentication" [43]. > unquote > > In other words, it means "for accessing this page, you need to authenticate". > So, if your browser is allowed to use HTTP Basic authentication, it should > pop up a login > dialog. > Does it ? > If it does not, then : > - are you inside some company LAN, within a Windows Domain ? > - if yes, is your browser IE, and is it allowed to do HTTP Basic > authentication ? > > I created a file called "hostname".xml and placed it in conf/Catalina.. And yes, I get the popup asking for username and password, the 401 error appears after I have logged in... And the answer to your other questions is no, I am using Linux... BTJ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
