Michael,
On 9/28/24 13:34, Michael Osipov wrote:
On 2024/09/27 15:14:15 Christopher Schultz wrote:
Sebastian,
On 9/27/24 11:04, Sebastian Trost wrote:
Francesco,
On 26.09.2024 16:12, Francesco Viscomi wrote:
Hi all,
I'm not able to understand why I cannot access to
http://localhost:8080/manager/html
I've configured the user in tomcat.users.xml:
<role rolename="manager-gui"/>
<user username="admin" password="admin" roles="manager-gui"/>
I'm using tomcat 9; and jdk17;
I've also noted that in my personal pc when try to access manager/html a
pop up ask me to login (in my personal pc it works right)
While when I try to use it in the company pc it gives me 401
unauthorized;
I do not know what I have to modify on chrome to get access in manager
app,
I also use in the company pc Zscaler, but I do not know what I have to
change in it (eventually) in order to access the manager app.
Your corporate browser probably has basic authentication disabled. Check
this site: https://jigsaw.w3.org/HTTP/Basic
If there is no basic authentication popup where you can enter username/
password then this is probably the case.
See: https://answers.microsoft.com/en-us/microsoftedge/forum/all/latest-
version-of-edge-no-longer-shows-basic/3601252b-e56b-46c0-a088-0f6084eabe47
I've really had it with Microsoft deciding that HTTP Basic
authentication is just not okay. They seem to have forgotten that TLS
makes it secure.
The reasoning is never to share a long term secret: your password.
HTTP Digest also requires pre-shared passwords.
HTTP Digest is a nightmare, but they are forcing users onto it.
The key is to use SPNEGO in enterprise environments.
What about non-enterprise environments?
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
