-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Bo,
On 12/18/18 00:10, Bo wrote: > I do a clean install of the tomcat7 folder and rename it to just > tomcat, and without changing ANYTHING and without adding any old > files yet, I start the tomcat service and try to get to the status > page, but this time it won't even let me log into anything at all > either, no matter what I try. By default, Tomcat does not allow users to view the status (manager, right?) page. You have to specifically edit the tomcat-users.xml file in order to allow access. > This is the tomcat7 fresh download links I used > > https://tomcat.apache.org/download-70.cgi > > http://apache.mirrors.tds.net/tomcat/tomcat-7/v7.0.92/bin/apache-tomca t-7.0.92-windows-x86.zip > > https://tomcat.apache.org/tomcat-7.0-doc/appdev/deployment.html > > I unzip the apache-tomcat-7.0.92-windows-x86.zip and put it in the > root of a custom web app that I have and then I use the > service.bat install to trigger the services install, this is on > windows server so I start it up in services.msc > > I can go to localhost fine, but it won't let me login > > > I checked the tomcat user xml file a trillion times to triple check > to make sure I have it right, but no matter what, even after > multiple restarts, it won't even let me login to the status > page!!!!! When you say you "checked it", do you mean you /edited/ it, or is it still the same file that shipped with Tomcat? > 401 Unauthorized > > You are not authorized to view this page. If you have not changed > any configuration files, please examine the file > conf/tomcat-users.xml in your installation. That file must contain > the credentials to let you use this webapp. > > For example, to add the manager-gui role to a user named tomcat > with a password of s3cret, add the following to the config file > listed above. > > <role rolename="manager-gui"/> <user username="tomcat" > password="s3cret" roles="manager-gui"/> > > Note that for Tomcat 7 onwards, the roles required to use the > manager application were changed from the single manager role to > the following four roles. You will need to assign the role(s) > required for the functionality you wish to access. > > manager-gui - allows access to the HTML GUI and the status pages > manager-script - allows access to the text interface and the status > pages manager-jmx - allows access to the JMX proxy and the status > pages manager-status - allows access to the status pages only > > The HTML interface is protected against CSRF but the text and JMX > interfaces are not. To maintain the CSRF protection: > > Users with the manager-gui role should not be granted either the > manager-script or manager-jmx roles. If the text or jmx interfaces > are accessed through a browser (e.g. for testing since these > interfaces are intended for tools not humans) then the browser must > be closed afterwards to terminate the session. > > For more information - please see the Manager App HOW-TO. > Without revealing any passwords, can you post your ENTIRE (again, redacted) tomcat-users.xml file? - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwYhR4ACgkQHPApP6U8 pFhZ6BAAkhA4xXe6iSF2k4kK4NoK0N9ViCaW8CaFQjcM324FkyN4t66lnOEQXAVm hIcnOdyveCRQxuNK6TYbBSOG+0KXmuReXelGaGs37hMHGEzaxGUkrkoU7ntDZBvB euvXOUmOjJDNgGVP5FnH5iiqsRhRpL6Fd7a5n1upAzJSryXelOVuf3q+kD7y+7Fm vuT6NAiee/2efnN2vXGv0vGqAGoSLDUHIvGKXinv/JGbIf6JIIqb1ZGo9KuUPp+j tIEaKSB42blqZ/SntEk44i5hmQctX6eTlvbl+u8XDExfQGNCnru0A9xCtV9/3v5q ZbNB9e8Z2DhoaB4S57wuCxNCqsXuyOvZz4YWsQ70Cx+u5G8tmfVfUZUfmndUWuqC /dvIEreFZLzcSr+eh7mym7iRbktcb0G6iXnVJBpl0zYhLZsdckZ4WpArjHZHuC2J O/5umGbavG59SI6SYl41Ww1aYRxIKMKsXcVoi/RjVk202EcaSQ/xti8/9ar51CmN 2QtdoTGqud+qJVT1OflcxB+rirrw/ZEGWg8nVOA5A5acqMsPgF6HxjI+aOgZvO+Q ewQUpjkYamhnIo0JgZR9H7TyhpB6v+emhvd+h1ny+v0nozJPiv3NSjsLJkd8uepa LT8q43HxySWk7m53t60GRnOS/R9un4XOFRZ+VdTya78hK4ONdBA= =yC4/ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
