here is screenshot I just tried again still no working
https://i.imgur.com/8bQH2YB.png On Mon, Dec 17, 2018, at 11:27 PM, Christopher Schultz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Bo, > > On 12/18/18 00:10, Bo wrote: > > I do a clean install of the tomcat7 folder and rename it to just > > tomcat, and without changing ANYTHING and without adding any old > > files yet, I start the tomcat service and try to get to the status > > page, but this time it won't even let me log into anything at all > > either, no matter what I try. > By default, Tomcat does not allow users to view the status (manager, > right?) page. > > You have to specifically edit the tomcat-users.xml file in order to > allow access. > > > This is the tomcat7 fresh download links I used > > > > https://tomcat.apache.org/download-70.cgi > > > > http://apache.mirrors.tds.net/tomcat/tomcat-7/v7.0.92/bin/apache-tomca > t-7.0.92-windows-x86.zip > > > > https://tomcat.apache.org/tomcat-7.0-doc/appdev/deployment.html > > > > I unzip the apache-tomcat-7.0.92-windows-x86.zip and put it in the > > root of a custom web app that I have and then I use the > > service.bat install to trigger the services install, this is on > > windows server so I start it up in services.msc > > > > I can go to localhost fine, but it won't let me login > > > > > > I checked the tomcat user xml file a trillion times to triple check > > to make sure I have it right, but no matter what, even after > > multiple restarts, it won't even let me login to the status > > page!!!!! > > When you say you "checked it", do you mean you /edited/ it, or is it > still the same file that shipped with Tomcat? > > > 401 Unauthorized > > > > You are not authorized to view this page. If you have not changed > > any configuration files, please examine the file > > conf/tomcat-users.xml in your installation. That file must contain > > the credentials to let you use this webapp. > > > > For example, to add the manager-gui role to a user named tomcat > > with a password of s3cret, add the following to the config file > > listed above. > > > > <role rolename="manager-gui"/> <user username="tomcat" > > password="s3cret" roles="manager-gui"/> > > > > Note that for Tomcat 7 onwards, the roles required to use the > > manager application were changed from the single manager role to > > the following four roles. You will need to assign the role(s) > > required for the functionality you wish to access. > > > > manager-gui - allows access to the HTML GUI and the status pages > > manager-script - allows access to the text interface and the status > > pages manager-jmx - allows access to the JMX proxy and the status > > pages manager-status - allows access to the status pages only > > > > The HTML interface is protected against CSRF but the text and JMX > > interfaces are not. To maintain the CSRF protection: > > > > Users with the manager-gui role should not be granted either the > > manager-script or manager-jmx roles. If the text or jmx interfaces > > are accessed through a browser (e.g. for testing since these > > interfaces are intended for tools not humans) then the browser must > > be closed afterwards to terminate the session. > > > > For more information - please see the Manager App HOW-TO. > > > > Without revealing any passwords, can you post your ENTIRE (again, > redacted) tomcat-users.xml file? > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwYhR4ACgkQHPApP6U8 > pFhZ6BAAkhA4xXe6iSF2k4kK4NoK0N9ViCaW8CaFQjcM324FkyN4t66lnOEQXAVm > hIcnOdyveCRQxuNK6TYbBSOG+0KXmuReXelGaGs37hMHGEzaxGUkrkoU7ntDZBvB > euvXOUmOjJDNgGVP5FnH5iiqsRhRpL6Fd7a5n1upAzJSryXelOVuf3q+kD7y+7Fm > vuT6NAiee/2efnN2vXGv0vGqAGoSLDUHIvGKXinv/JGbIf6JIIqb1ZGo9KuUPp+j > tIEaKSB42blqZ/SntEk44i5hmQctX6eTlvbl+u8XDExfQGNCnru0A9xCtV9/3v5q > ZbNB9e8Z2DhoaB4S57wuCxNCqsXuyOvZz4YWsQ70Cx+u5G8tmfVfUZUfmndUWuqC > /dvIEreFZLzcSr+eh7mym7iRbktcb0G6iXnVJBpl0zYhLZsdckZ4WpArjHZHuC2J > O/5umGbavG59SI6SYl41Ww1aYRxIKMKsXcVoi/RjVk202EcaSQ/xti8/9ar51CmN > 2QtdoTGqud+qJVT1OflcxB+rirrw/ZEGWg8nVOA5A5acqMsPgF6HxjI+aOgZvO+Q > ewQUpjkYamhnIo0JgZR9H7TyhpB6v+emhvd+h1ny+v0nozJPiv3NSjsLJkd8uepa > LT8q43HxySWk7m53t60GRnOS/R9un4XOFRZ+VdTya78hK4ONdBA= > =yC4/ > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
